1*47e946e7SWyllys Ingersoll /* 2*47e946e7SWyllys Ingersoll * Common Public License Version 0.5 3*47e946e7SWyllys Ingersoll * 4*47e946e7SWyllys Ingersoll * THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF 5*47e946e7SWyllys Ingersoll * THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, 6*47e946e7SWyllys Ingersoll * REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES 7*47e946e7SWyllys Ingersoll * RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 8*47e946e7SWyllys Ingersoll * 9*47e946e7SWyllys Ingersoll * 1. DEFINITIONS 10*47e946e7SWyllys Ingersoll * 11*47e946e7SWyllys Ingersoll * "Contribution" means: 12*47e946e7SWyllys Ingersoll * a) in the case of the initial Contributor, the 13*47e946e7SWyllys Ingersoll * initial code and documentation distributed under 14*47e946e7SWyllys Ingersoll * this Agreement, and 15*47e946e7SWyllys Ingersoll * 16*47e946e7SWyllys Ingersoll * b) in the case of each subsequent Contributor: 17*47e946e7SWyllys Ingersoll * i) changes to the Program, and 18*47e946e7SWyllys Ingersoll * ii) additions to the Program; 19*47e946e7SWyllys Ingersoll * 20*47e946e7SWyllys Ingersoll * where such changes and/or additions to the Program 21*47e946e7SWyllys Ingersoll * originate from and are distributed by that 22*47e946e7SWyllys Ingersoll * particular Contributor. A Contribution 'originates' 23*47e946e7SWyllys Ingersoll * from a Contributor if it was added to the Program 24*47e946e7SWyllys Ingersoll * by such Contributor itself or anyone acting on such 25*47e946e7SWyllys Ingersoll * Contributor's behalf. Contributions do not include 26*47e946e7SWyllys Ingersoll * additions to the Program which: (i) are separate 27*47e946e7SWyllys Ingersoll * modules of software distributed in conjunction with 28*47e946e7SWyllys Ingersoll * the Program under their own license agreement, and 29*47e946e7SWyllys Ingersoll * (ii) are not derivative works of the Program. 30*47e946e7SWyllys Ingersoll * 31*47e946e7SWyllys Ingersoll * 32*47e946e7SWyllys Ingersoll * "Contributor" means any person or entity that distributes 33*47e946e7SWyllys Ingersoll * the Program. 34*47e946e7SWyllys Ingersoll * 35*47e946e7SWyllys Ingersoll * "Licensed Patents " mean patent claims licensable by a 36*47e946e7SWyllys Ingersoll * Contributor which are necessarily infringed by the use or 37*47e946e7SWyllys Ingersoll * sale of its Contribution alone or when combined with the 38*47e946e7SWyllys Ingersoll * Program. 39*47e946e7SWyllys Ingersoll * 40*47e946e7SWyllys Ingersoll * "Program" means the Contributions distributed in 41*47e946e7SWyllys Ingersoll * accordance with this Agreement. 42*47e946e7SWyllys Ingersoll * 43*47e946e7SWyllys Ingersoll * "Recipient" means anyone who receives the Program under 44*47e946e7SWyllys Ingersoll * this Agreement, including all Contributors. 45*47e946e7SWyllys Ingersoll * 46*47e946e7SWyllys Ingersoll * 2. GRANT OF RIGHTS 47*47e946e7SWyllys Ingersoll * 48*47e946e7SWyllys Ingersoll * a) Subject to the terms of this Agreement, each 49*47e946e7SWyllys Ingersoll * Contributor hereby grants Recipient a 50*47e946e7SWyllys Ingersoll * no - exclusive, worldwide, royalt - free copyright 51*47e946e7SWyllys Ingersoll * license to reproduce, prepare derivative works of, 52*47e946e7SWyllys Ingersoll * publicly display, publicly perform, distribute and 53*47e946e7SWyllys Ingersoll * sublicense the Contribution of such Contributor, if 54*47e946e7SWyllys Ingersoll * any, and such derivative works, in source code and 55*47e946e7SWyllys Ingersoll * object code form. 56*47e946e7SWyllys Ingersoll * 57*47e946e7SWyllys Ingersoll * b) Subject to the terms of this Agreement, each 58*47e946e7SWyllys Ingersoll * Contributor hereby grants Recipient a 59*47e946e7SWyllys Ingersoll * no - exclusive, worldwide, royalt - free patent 60*47e946e7SWyllys Ingersoll * license under Licensed Patents to make, use, sell, 61*47e946e7SWyllys Ingersoll * offer to sell, import and otherwise transfer the 62*47e946e7SWyllys Ingersoll * Contribution of such Contributor, if any, in source 63*47e946e7SWyllys Ingersoll * code and object code form. This patent license 64*47e946e7SWyllys Ingersoll * shall apply to the combination of the Contribution 65*47e946e7SWyllys Ingersoll * and the Program if, at the time the Contribution is 66*47e946e7SWyllys Ingersoll * added by the Contributor, such addition of the 67*47e946e7SWyllys Ingersoll * Contribution causes such combination to be covered 68*47e946e7SWyllys Ingersoll * by the Licensed Patents. The patent license shall 69*47e946e7SWyllys Ingersoll * not apply to any other combinations which include 70*47e946e7SWyllys Ingersoll * the Contribution. No hardware per se is licensed 71*47e946e7SWyllys Ingersoll * hereunder. 72*47e946e7SWyllys Ingersoll * 73*47e946e7SWyllys Ingersoll * c) Recipient understands that although each 74*47e946e7SWyllys Ingersoll * Contributor grants the licenses to its 75*47e946e7SWyllys Ingersoll * Contributions set forth herein, no assurances are 76*47e946e7SWyllys Ingersoll * provided by any Contributor that the Program does 77*47e946e7SWyllys Ingersoll * not infringe the patent or other intellectual 78*47e946e7SWyllys Ingersoll * property rights of any other entity. Each 79*47e946e7SWyllys Ingersoll * Contributor disclaims any liability to Recipient 80*47e946e7SWyllys Ingersoll * for claims brought by any other entity based on 81*47e946e7SWyllys Ingersoll * infringement of intellectual property rights or 82*47e946e7SWyllys Ingersoll * otherwise. As a condition to exercising the rights 83*47e946e7SWyllys Ingersoll * and licenses granted hereunder, each Recipient 84*47e946e7SWyllys Ingersoll * hereby assumes sole responsibility to secure any 85*47e946e7SWyllys Ingersoll * other intellectual property rights needed, if any. 86*47e946e7SWyllys Ingersoll * 87*47e946e7SWyllys Ingersoll * For example, if a third party patent license is 88*47e946e7SWyllys Ingersoll * required to allow Recipient to distribute the 89*47e946e7SWyllys Ingersoll * Program, it is Recipient's responsibility to 90*47e946e7SWyllys Ingersoll * acquire that license before distributing the 91*47e946e7SWyllys Ingersoll * Program. 92*47e946e7SWyllys Ingersoll * 93*47e946e7SWyllys Ingersoll * d) Each Contributor represents that to its 94*47e946e7SWyllys Ingersoll * knowledge it has sufficient copyright rights in its 95*47e946e7SWyllys Ingersoll * Contribution, if any, to grant the copyright 96*47e946e7SWyllys Ingersoll * license set forth in this Agreement. 97*47e946e7SWyllys Ingersoll * 98*47e946e7SWyllys Ingersoll * 3. REQUIREMENTS 99*47e946e7SWyllys Ingersoll * 100*47e946e7SWyllys Ingersoll * A Contributor may choose to distribute the Program in 101*47e946e7SWyllys Ingersoll * object code form under its own license agreement, provided 102*47e946e7SWyllys Ingersoll * that: 103*47e946e7SWyllys Ingersoll * a) it complies with the terms and conditions of 104*47e946e7SWyllys Ingersoll * this Agreement; and 105*47e946e7SWyllys Ingersoll * 106*47e946e7SWyllys Ingersoll * b) its license agreement: 107*47e946e7SWyllys Ingersoll * i) effectively disclaims on behalf of all 108*47e946e7SWyllys Ingersoll * Contributors all warranties and conditions, express 109*47e946e7SWyllys Ingersoll * and implied, including warranties or conditions of 110*47e946e7SWyllys Ingersoll * title and no - infringement, and implied warranties 111*47e946e7SWyllys Ingersoll * or conditions of merchantability and fitness for a 112*47e946e7SWyllys Ingersoll * particular purpose; 113*47e946e7SWyllys Ingersoll * 114*47e946e7SWyllys Ingersoll * ii) effectively excludes on behalf of all 115*47e946e7SWyllys Ingersoll * Contributors all liability for damages, including 116*47e946e7SWyllys Ingersoll * direct, indirect, special, incidental and 117*47e946e7SWyllys Ingersoll * consequential damages, such as lost profits; 118*47e946e7SWyllys Ingersoll * 119*47e946e7SWyllys Ingersoll * iii) states that any provisions which differ from 120*47e946e7SWyllys Ingersoll * this Agreement are offered by that Contributor 121*47e946e7SWyllys Ingersoll * alone and not by any other party; and 122*47e946e7SWyllys Ingersoll * 123*47e946e7SWyllys Ingersoll * iv) states that source code for the Program is 124*47e946e7SWyllys Ingersoll * available from such Contributor, and informs 125*47e946e7SWyllys Ingersoll * licensees how to obtain it in a reasonable manner 126*47e946e7SWyllys Ingersoll * on or through a medium customarily used for 127*47e946e7SWyllys Ingersoll * software exchange. 128*47e946e7SWyllys Ingersoll * 129*47e946e7SWyllys Ingersoll * When the Program is made available in source code form: 130*47e946e7SWyllys Ingersoll * a) it must be made available under this Agreement; 131*47e946e7SWyllys Ingersoll * and 132*47e946e7SWyllys Ingersoll * b) a copy of this Agreement must be included with 133*47e946e7SWyllys Ingersoll * each copy of the Program. 134*47e946e7SWyllys Ingersoll * 135*47e946e7SWyllys Ingersoll * Contributors may not remove or alter any copyright notices 136*47e946e7SWyllys Ingersoll * contained within the Program. 137*47e946e7SWyllys Ingersoll * 138*47e946e7SWyllys Ingersoll * Each Contributor must identify itself as the originator of 139*47e946e7SWyllys Ingersoll * its Contribution, if any, in a manner that reasonably 140*47e946e7SWyllys Ingersoll * allows subsequent Recipients to identify the originator of 141*47e946e7SWyllys Ingersoll * the Contribution. 142*47e946e7SWyllys Ingersoll * 143*47e946e7SWyllys Ingersoll * 144*47e946e7SWyllys Ingersoll * 4. COMMERCIAL DISTRIBUTION 145*47e946e7SWyllys Ingersoll * 146*47e946e7SWyllys Ingersoll * Commercial distributors of software may accept certain 147*47e946e7SWyllys Ingersoll * responsibilities with respect to end users, business 148*47e946e7SWyllys Ingersoll * partners and the like. While this license is intended to 149*47e946e7SWyllys Ingersoll * facilitate the commercial use of the Program, the 150*47e946e7SWyllys Ingersoll * Contributor who includes the Program in a commercial 151*47e946e7SWyllys Ingersoll * product offering should do so in a manner which does not 152*47e946e7SWyllys Ingersoll * create potential liability for other Contributors. 153*47e946e7SWyllys Ingersoll * Therefore, if a Contributor includes the Program in a 154*47e946e7SWyllys Ingersoll * commercial product offering, such Contributor ("Commercial 155*47e946e7SWyllys Ingersoll * Contributor") hereby agrees to defend and indemnify every 156*47e946e7SWyllys Ingersoll * other Contributor ("Indemnified Contributor") against any 157*47e946e7SWyllys Ingersoll * losses, damages and costs (collectively "Losses") arising 158*47e946e7SWyllys Ingersoll * from claims, lawsuits and other legal actions brought by a 159*47e946e7SWyllys Ingersoll * third party against the Indemnified Contributor to the 160*47e946e7SWyllys Ingersoll * extent caused by the acts or omissions of such Commercial 161*47e946e7SWyllys Ingersoll * Contributor in connection with its distribution of the 162*47e946e7SWyllys Ingersoll * Program in a commercial product offering. The obligations 163*47e946e7SWyllys Ingersoll * in this section do not apply to any claims or Losses 164*47e946e7SWyllys Ingersoll * relating to any actual or alleged intellectual property 165*47e946e7SWyllys Ingersoll * infringement. In order to qualify, an Indemnified 166*47e946e7SWyllys Ingersoll * Contributor must: a) promptly notify the Commercial 167*47e946e7SWyllys Ingersoll * Contributor in writing of such claim, and b) allow the 168*47e946e7SWyllys Ingersoll * Commercial Contributor to control, and cooperate with the 169*47e946e7SWyllys Ingersoll * Commercial Contributor in, the defense and any related 170*47e946e7SWyllys Ingersoll * settlement negotiations. The Indemnified Contributor may 171*47e946e7SWyllys Ingersoll * participate in any such claim at its own expense. 172*47e946e7SWyllys Ingersoll * 173*47e946e7SWyllys Ingersoll * 174*47e946e7SWyllys Ingersoll * For example, a Contributor might include the Program in a 175*47e946e7SWyllys Ingersoll * commercial product offering, Product X. That Contributor 176*47e946e7SWyllys Ingersoll * is then a Commercial Contributor. If that Commercial 177*47e946e7SWyllys Ingersoll * Contributor then makes performance claims, or offers 178*47e946e7SWyllys Ingersoll * warranties related to Product X, those performance claims 179*47e946e7SWyllys Ingersoll * and warranties are such Commercial Contributor's 180*47e946e7SWyllys Ingersoll * responsibility alone. Under this section, the Commercial 181*47e946e7SWyllys Ingersoll * Contributor would have to defend claims against the other 182*47e946e7SWyllys Ingersoll * Contributors related to those performance claims and 183*47e946e7SWyllys Ingersoll * warranties, and if a court requires any other Contributor 184*47e946e7SWyllys Ingersoll * to pay any damages as a result, the Commercial Contributor 185*47e946e7SWyllys Ingersoll * must pay those damages. 186*47e946e7SWyllys Ingersoll * 187*47e946e7SWyllys Ingersoll * 188*47e946e7SWyllys Ingersoll * 5. NO WARRANTY 189*47e946e7SWyllys Ingersoll * 190*47e946e7SWyllys Ingersoll * EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE 191*47e946e7SWyllys Ingersoll * PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT 192*47e946e7SWyllys Ingersoll * WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR 193*47e946e7SWyllys Ingersoll * IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR 194*47e946e7SWyllys Ingersoll * CONDITIONS OF TITLE, NO - INFRINGEMENT, MERCHANTABILITY OR 195*47e946e7SWyllys Ingersoll * FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely 196*47e946e7SWyllys Ingersoll * responsible for determining the appropriateness of using 197*47e946e7SWyllys Ingersoll * and distributing the Program and assumes all risks 198*47e946e7SWyllys Ingersoll * associated with its exercise of rights under this 199*47e946e7SWyllys Ingersoll * Agreement, including but not limited to the risks and 200*47e946e7SWyllys Ingersoll * costs of program errors, compliance with applicable laws, 201*47e946e7SWyllys Ingersoll * damage to or loss of data, programs or equipment, and 202*47e946e7SWyllys Ingersoll * unavailability or interruption of operations. 203*47e946e7SWyllys Ingersoll * 204*47e946e7SWyllys Ingersoll * 6. DISCLAIMER OF LIABILITY 205*47e946e7SWyllys Ingersoll * EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER 206*47e946e7SWyllys Ingersoll * RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY 207*47e946e7SWyllys Ingersoll * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 208*47e946e7SWyllys Ingersoll * OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION 209*47e946e7SWyllys Ingersoll * LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF 210*47e946e7SWyllys Ingersoll * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 211*47e946e7SWyllys Ingersoll * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 212*47e946e7SWyllys Ingersoll * OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE 213*47e946e7SWyllys Ingersoll * OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE 214*47e946e7SWyllys Ingersoll * POSSIBILITY OF SUCH DAMAGES. 215*47e946e7SWyllys Ingersoll * 216*47e946e7SWyllys Ingersoll * 7. GENERAL 217*47e946e7SWyllys Ingersoll * 218*47e946e7SWyllys Ingersoll * If any provision of this Agreement is invalid or 219*47e946e7SWyllys Ingersoll * unenforceable under applicable law, it shall not affect 220*47e946e7SWyllys Ingersoll * the validity or enforceability of the remainder of the 221*47e946e7SWyllys Ingersoll * terms of this Agreement, and without further action by the 222*47e946e7SWyllys Ingersoll * parties hereto, such provision shall be reformed to the 223*47e946e7SWyllys Ingersoll * minimum extent necessary to make such provision valid and 224*47e946e7SWyllys Ingersoll * enforceable. 225*47e946e7SWyllys Ingersoll * 226*47e946e7SWyllys Ingersoll * 227*47e946e7SWyllys Ingersoll * If Recipient institutes patent litigation against a 228*47e946e7SWyllys Ingersoll * Contributor with respect to a patent applicable to 229*47e946e7SWyllys Ingersoll * software (including a cros - claim or counterclaim in a 230*47e946e7SWyllys Ingersoll * lawsuit), then any patent licenses granted by that 231*47e946e7SWyllys Ingersoll * Contributor to such Recipient under this Agreement shall 232*47e946e7SWyllys Ingersoll * terminate as of the date such litigation is filed. In 233*47e946e7SWyllys Ingersoll * addition, If Recipient institutes patent litigation 234*47e946e7SWyllys Ingersoll * against any entity (including a cros - claim or 235*47e946e7SWyllys Ingersoll * counterclaim in a lawsuit) alleging that the Program 236*47e946e7SWyllys Ingersoll * itself (excluding combinations of the Program with other 237*47e946e7SWyllys Ingersoll * software or hardware) infringes such Recipient's 238*47e946e7SWyllys Ingersoll * patent(s), then such Recipient's rights granted under 239*47e946e7SWyllys Ingersoll * Section 2(b) shall terminate as of the date such 240*47e946e7SWyllys Ingersoll * litigation is filed. 241*47e946e7SWyllys Ingersoll * 242*47e946e7SWyllys Ingersoll * All Recipient's rights under this Agreement shall 243*47e946e7SWyllys Ingersoll * terminate if it fails to comply with any of the material 244*47e946e7SWyllys Ingersoll * terms or conditions of this Agreement and does not cure 245*47e946e7SWyllys Ingersoll * such failure in a reasonable period of time after becoming 246*47e946e7SWyllys Ingersoll * aware of such noncompliance. If all Recipient's rights 247*47e946e7SWyllys Ingersoll * under this Agreement terminate, Recipient agrees to cease 248*47e946e7SWyllys Ingersoll * use and distribution of the Program as soon as reasonably 249*47e946e7SWyllys Ingersoll * practicable. However, Recipient's obligations under this 250*47e946e7SWyllys Ingersoll * Agreement and any licenses granted by Recipient relating 251*47e946e7SWyllys Ingersoll * to the Program shall continue and survive. 252*47e946e7SWyllys Ingersoll * 253*47e946e7SWyllys Ingersoll * Everyone is permitted to copy and distribute copies of 254*47e946e7SWyllys Ingersoll * this Agreement, but in order to avoid inconsistency the 255*47e946e7SWyllys Ingersoll * Agreement is copyrighted and may only be modified in the 256*47e946e7SWyllys Ingersoll * following manner. The Agreement Steward reserves the right 257*47e946e7SWyllys Ingersoll * to publish new versions (including revisions) of this 258*47e946e7SWyllys Ingersoll * Agreement from time to time. No one other than the 259*47e946e7SWyllys Ingersoll * Agreement Steward has the right to modify this Agreement. 260*47e946e7SWyllys Ingersoll * 261*47e946e7SWyllys Ingersoll * IBM is the initial Agreement Steward. IBM may assign the 262*47e946e7SWyllys Ingersoll * responsibility to serve as the Agreement Steward to a 263*47e946e7SWyllys Ingersoll * suitable separate entity. Each new version of the 264*47e946e7SWyllys Ingersoll * Agreement will be given a distinguishing version number. 265*47e946e7SWyllys Ingersoll * The Program (including Contributions) may always be 266*47e946e7SWyllys Ingersoll * distributed subject to the version of the Agreement under 267*47e946e7SWyllys Ingersoll * which it was received. In addition, after a new version of 268*47e946e7SWyllys Ingersoll * the Agreement is published, Contributor may elect to 269*47e946e7SWyllys Ingersoll * distribute the Program (including its Contributions) under 270*47e946e7SWyllys Ingersoll * the new version. Except as expressly stated in Sections 271*47e946e7SWyllys Ingersoll * 2(a) and 2(b) above, Recipient receives no rights or 272*47e946e7SWyllys Ingersoll * licenses to the intellectual property of any Contributor 273*47e946e7SWyllys Ingersoll * under this Agreement, whether expressly, by implication, 274*47e946e7SWyllys Ingersoll * estoppel or otherwise. All rights in the Program not 275*47e946e7SWyllys Ingersoll * expressly granted under this Agreement are reserved. 276*47e946e7SWyllys Ingersoll * 277*47e946e7SWyllys Ingersoll * 278*47e946e7SWyllys Ingersoll * This Agreement is governed by the laws of the State of New 279*47e946e7SWyllys Ingersoll * York and the intellectual property laws of the United 280*47e946e7SWyllys Ingersoll * States of America. No party to this Agreement will bring a 281*47e946e7SWyllys Ingersoll * legal action under this Agreement more than one year after 282*47e946e7SWyllys Ingersoll * the cause of action arose. Each party waives its rights to 283*47e946e7SWyllys Ingersoll * a jury trial in any resulting litigation. 284*47e946e7SWyllys Ingersoll * 285*47e946e7SWyllys Ingersoll * 286*47e946e7SWyllys Ingersoll * 287*47e946e7SWyllys Ingersoll * (C) COPYRIGHT International Business Machines Corp. 2001, 2002 288*47e946e7SWyllys Ingersoll */ 289*47e946e7SWyllys Ingersoll /* 290*47e946e7SWyllys Ingersoll * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 291*47e946e7SWyllys Ingersoll * Use is subject to license terms. 292*47e946e7SWyllys Ingersoll */ 293*47e946e7SWyllys Ingersoll #include "tpmtok_int.h" 294*47e946e7SWyllys Ingersoll 295*47e946e7SWyllys Ingersoll CK_ULONG 296*47e946e7SWyllys Ingersoll ber_encode_INTEGER(CK_BBOOL length_only, 297*47e946e7SWyllys Ingersoll CK_BYTE ** ber_int, 298*47e946e7SWyllys Ingersoll CK_ULONG * ber_int_len, 299*47e946e7SWyllys Ingersoll CK_BYTE * data, 300*47e946e7SWyllys Ingersoll CK_ULONG data_len) 301*47e946e7SWyllys Ingersoll { 302*47e946e7SWyllys Ingersoll CK_BYTE *buf = NULL; 303*47e946e7SWyllys Ingersoll CK_ULONG len; 304*47e946e7SWyllys Ingersoll 305*47e946e7SWyllys Ingersoll /* 306*47e946e7SWyllys Ingersoll * if data_len < 127 use short form length id 307*47e946e7SWyllys Ingersoll * if data_len < 256 use long form length id with 308*47e946e7SWyllys Ingersoll * byte length field 309*47e946e7SWyllys Ingersoll * if data_len < 65536 use long form length id with 310*47e946e7SWyllys Ingersoll * byte length field 311*47e946e7SWyllys Ingersoll * if data_len < 16777216 use long form length id 312*47e946e7SWyllys Ingersoll * with byte length field 313*47e946e7SWyllys Ingersoll */ 314*47e946e7SWyllys Ingersoll if (data_len < 128) 315*47e946e7SWyllys Ingersoll len = 1 + 1 + data_len; 316*47e946e7SWyllys Ingersoll else if (data_len < 256) 317*47e946e7SWyllys Ingersoll len = 1 + (1 + 1) + data_len; 318*47e946e7SWyllys Ingersoll else if (data_len < (1 << 16)) 319*47e946e7SWyllys Ingersoll len = 1 + (1 + 2) + data_len; 320*47e946e7SWyllys Ingersoll else if (data_len < (1 << 24)) 321*47e946e7SWyllys Ingersoll len = 1 + (1 + 3) + data_len; 322*47e946e7SWyllys Ingersoll else 323*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 324*47e946e7SWyllys Ingersoll 325*47e946e7SWyllys Ingersoll if (length_only == TRUE) { 326*47e946e7SWyllys Ingersoll *ber_int_len = len; 327*47e946e7SWyllys Ingersoll return (CKR_OK); 328*47e946e7SWyllys Ingersoll } 329*47e946e7SWyllys Ingersoll 330*47e946e7SWyllys Ingersoll buf = (CK_BYTE *)malloc(len); 331*47e946e7SWyllys Ingersoll if (! buf) { 332*47e946e7SWyllys Ingersoll return (CKR_HOST_MEMORY); 333*47e946e7SWyllys Ingersoll } 334*47e946e7SWyllys Ingersoll if (data_len < 128) { 335*47e946e7SWyllys Ingersoll buf[0] = 0x02; 336*47e946e7SWyllys Ingersoll buf[1] = data_len; 337*47e946e7SWyllys Ingersoll (void) memcpy(&buf[2], data, data_len); 338*47e946e7SWyllys Ingersoll 339*47e946e7SWyllys Ingersoll *ber_int_len = len; 340*47e946e7SWyllys Ingersoll *ber_int = buf; 341*47e946e7SWyllys Ingersoll return (CKR_OK); 342*47e946e7SWyllys Ingersoll } 343*47e946e7SWyllys Ingersoll 344*47e946e7SWyllys Ingersoll if (data_len < 256) { 345*47e946e7SWyllys Ingersoll buf[0] = 0x02; 346*47e946e7SWyllys Ingersoll buf[1] = 0x81; 347*47e946e7SWyllys Ingersoll buf[2] = data_len; 348*47e946e7SWyllys Ingersoll (void) memcpy(&buf[3], data, data_len); 349*47e946e7SWyllys Ingersoll 350*47e946e7SWyllys Ingersoll *ber_int_len = len; 351*47e946e7SWyllys Ingersoll *ber_int = buf; 352*47e946e7SWyllys Ingersoll return (CKR_OK); 353*47e946e7SWyllys Ingersoll } 354*47e946e7SWyllys Ingersoll 355*47e946e7SWyllys Ingersoll if (data_len < (1 << 16)) { 356*47e946e7SWyllys Ingersoll buf[0] = 0x02; 357*47e946e7SWyllys Ingersoll buf[1] = 0x82; 358*47e946e7SWyllys Ingersoll buf[2] = (data_len >> 8) & 0xFF; 359*47e946e7SWyllys Ingersoll buf[3] = (data_len) & 0xFF; 360*47e946e7SWyllys Ingersoll (void) memcpy(&buf[4], data, data_len); 361*47e946e7SWyllys Ingersoll 362*47e946e7SWyllys Ingersoll *ber_int_len = len; 363*47e946e7SWyllys Ingersoll *ber_int = buf; 364*47e946e7SWyllys Ingersoll return (CKR_OK); 365*47e946e7SWyllys Ingersoll } 366*47e946e7SWyllys Ingersoll 367*47e946e7SWyllys Ingersoll if (data_len < (1 << 24)) { 368*47e946e7SWyllys Ingersoll buf[0] = 0x02; 369*47e946e7SWyllys Ingersoll buf[1] = 0x83; 370*47e946e7SWyllys Ingersoll buf[2] = (data_len >> 16) & 0xFF; 371*47e946e7SWyllys Ingersoll buf[3] = (data_len >> 8) & 0xFF; 372*47e946e7SWyllys Ingersoll buf[4] = (data_len) & 0xFF; 373*47e946e7SWyllys Ingersoll (void) memcpy(&buf[5], data, data_len); 374*47e946e7SWyllys Ingersoll 375*47e946e7SWyllys Ingersoll *ber_int_len = len; 376*47e946e7SWyllys Ingersoll *ber_int = buf; 377*47e946e7SWyllys Ingersoll return (CKR_OK); 378*47e946e7SWyllys Ingersoll } 379*47e946e7SWyllys Ingersoll 380*47e946e7SWyllys Ingersoll free(buf); 381*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 382*47e946e7SWyllys Ingersoll } 383*47e946e7SWyllys Ingersoll 384*47e946e7SWyllys Ingersoll CK_RV 385*47e946e7SWyllys Ingersoll ber_decode_INTEGER(CK_BYTE * ber_int, 386*47e946e7SWyllys Ingersoll CK_BYTE ** data, 387*47e946e7SWyllys Ingersoll CK_ULONG * data_len, 388*47e946e7SWyllys Ingersoll CK_ULONG * field_len) 389*47e946e7SWyllys Ingersoll { 390*47e946e7SWyllys Ingersoll CK_ULONG len, length_octets; 391*47e946e7SWyllys Ingersoll 392*47e946e7SWyllys Ingersoll if (! ber_int) { 393*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 394*47e946e7SWyllys Ingersoll } 395*47e946e7SWyllys Ingersoll if (ber_int[0] != 0x02) { 396*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 397*47e946e7SWyllys Ingersoll } 398*47e946e7SWyllys Ingersoll if ((ber_int[1] & 0x80) == 0) { 399*47e946e7SWyllys Ingersoll len = ber_int[1] & 0x7F; 400*47e946e7SWyllys Ingersoll 401*47e946e7SWyllys Ingersoll *data = &ber_int[2]; 402*47e946e7SWyllys Ingersoll *data_len = len; 403*47e946e7SWyllys Ingersoll *field_len = 1 + 1 + len; 404*47e946e7SWyllys Ingersoll return (CKR_OK); 405*47e946e7SWyllys Ingersoll } 406*47e946e7SWyllys Ingersoll 407*47e946e7SWyllys Ingersoll length_octets = ber_int[1] & 0x7F; 408*47e946e7SWyllys Ingersoll 409*47e946e7SWyllys Ingersoll if (length_octets == 1) { 410*47e946e7SWyllys Ingersoll len = ber_int[2]; 411*47e946e7SWyllys Ingersoll 412*47e946e7SWyllys Ingersoll *data = &ber_int[3]; 413*47e946e7SWyllys Ingersoll *data_len = len; 414*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 1) + len; 415*47e946e7SWyllys Ingersoll return (CKR_OK); 416*47e946e7SWyllys Ingersoll } 417*47e946e7SWyllys Ingersoll 418*47e946e7SWyllys Ingersoll if (length_octets == 2) { 419*47e946e7SWyllys Ingersoll len = ber_int[2]; 420*47e946e7SWyllys Ingersoll len = len << 8; 421*47e946e7SWyllys Ingersoll len |= ber_int[3]; 422*47e946e7SWyllys Ingersoll 423*47e946e7SWyllys Ingersoll *data = &ber_int[4]; 424*47e946e7SWyllys Ingersoll *data_len = len; 425*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 2) + len; 426*47e946e7SWyllys Ingersoll return (CKR_OK); 427*47e946e7SWyllys Ingersoll } 428*47e946e7SWyllys Ingersoll 429*47e946e7SWyllys Ingersoll if (length_octets == 3) { 430*47e946e7SWyllys Ingersoll len = ber_int[2]; 431*47e946e7SWyllys Ingersoll len = len << 8; 432*47e946e7SWyllys Ingersoll len |= ber_int[3]; 433*47e946e7SWyllys Ingersoll len = len << 8; 434*47e946e7SWyllys Ingersoll len |= ber_int[4]; 435*47e946e7SWyllys Ingersoll 436*47e946e7SWyllys Ingersoll *data = &ber_int[5]; 437*47e946e7SWyllys Ingersoll *data_len = len; 438*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 3) + len; 439*47e946e7SWyllys Ingersoll return (CKR_OK); 440*47e946e7SWyllys Ingersoll } 441*47e946e7SWyllys Ingersoll 442*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 443*47e946e7SWyllys Ingersoll } 444*47e946e7SWyllys Ingersoll 445*47e946e7SWyllys Ingersoll CK_RV 446*47e946e7SWyllys Ingersoll ber_encode_OCTET_STRING(CK_BBOOL length_only, 447*47e946e7SWyllys Ingersoll CK_BYTE ** str, 448*47e946e7SWyllys Ingersoll CK_ULONG * str_len, 449*47e946e7SWyllys Ingersoll CK_BYTE * data, 450*47e946e7SWyllys Ingersoll CK_ULONG data_len) 451*47e946e7SWyllys Ingersoll { 452*47e946e7SWyllys Ingersoll CK_BYTE *buf = NULL; 453*47e946e7SWyllys Ingersoll CK_ULONG len; 454*47e946e7SWyllys Ingersoll 455*47e946e7SWyllys Ingersoll 456*47e946e7SWyllys Ingersoll /* 457*47e946e7SWyllys Ingersoll * if data_len < 128 use shor - form length id 458*47e946e7SWyllys Ingersoll * if data_len < 256 use lon - form length id with - byte length field 459*47e946e7SWyllys Ingersoll * if data_len < 65536 use lon - form length id with - byte length field 460*47e946e7SWyllys Ingersoll */ 461*47e946e7SWyllys Ingersoll if (data_len < 128) 462*47e946e7SWyllys Ingersoll len = 1 + 1 + data_len; 463*47e946e7SWyllys Ingersoll else if (data_len < 256) 464*47e946e7SWyllys Ingersoll len = 1 + (1 + 1) + data_len; 465*47e946e7SWyllys Ingersoll else if (data_len < (1 << 16)) 466*47e946e7SWyllys Ingersoll len = 1 + (1 + 2) + data_len; 467*47e946e7SWyllys Ingersoll else if (data_len < (1 << 24)) 468*47e946e7SWyllys Ingersoll len = 1 + (1 + 3) + data_len; 469*47e946e7SWyllys Ingersoll else 470*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 471*47e946e7SWyllys Ingersoll 472*47e946e7SWyllys Ingersoll if (length_only == TRUE) { 473*47e946e7SWyllys Ingersoll *str_len = len; 474*47e946e7SWyllys Ingersoll return (CKR_OK); 475*47e946e7SWyllys Ingersoll } 476*47e946e7SWyllys Ingersoll 477*47e946e7SWyllys Ingersoll buf = (CK_BYTE *)malloc(len); 478*47e946e7SWyllys Ingersoll if (! buf) { 479*47e946e7SWyllys Ingersoll return (CKR_HOST_MEMORY); 480*47e946e7SWyllys Ingersoll } 481*47e946e7SWyllys Ingersoll 482*47e946e7SWyllys Ingersoll if (data_len < 128) { 483*47e946e7SWyllys Ingersoll buf[0] = 0x04; /* primitive, OCTET STRING */ 484*47e946e7SWyllys Ingersoll buf[1] = data_len; 485*47e946e7SWyllys Ingersoll (void) memcpy(&buf[2], data, data_len); 486*47e946e7SWyllys Ingersoll 487*47e946e7SWyllys Ingersoll *str_len = len; 488*47e946e7SWyllys Ingersoll *str = buf; 489*47e946e7SWyllys Ingersoll return (CKR_OK); 490*47e946e7SWyllys Ingersoll } 491*47e946e7SWyllys Ingersoll 492*47e946e7SWyllys Ingersoll if (data_len < 256) { 493*47e946e7SWyllys Ingersoll buf[0] = 0x04; /* primitive, OCTET STRING */ 494*47e946e7SWyllys Ingersoll buf[1] = 0x81; /* length header -- 1 length octets */ 495*47e946e7SWyllys Ingersoll buf[2] = data_len; 496*47e946e7SWyllys Ingersoll 497*47e946e7SWyllys Ingersoll (void) memcpy(&buf[3], data, data_len); 498*47e946e7SWyllys Ingersoll 499*47e946e7SWyllys Ingersoll *str_len = len; 500*47e946e7SWyllys Ingersoll *str = buf; 501*47e946e7SWyllys Ingersoll return (CKR_OK); 502*47e946e7SWyllys Ingersoll } 503*47e946e7SWyllys Ingersoll 504*47e946e7SWyllys Ingersoll if (data_len < (1 << 16)) { 505*47e946e7SWyllys Ingersoll buf[0] = 0x04; /* primitive, OCTET STRING */ 506*47e946e7SWyllys Ingersoll buf[1] = 0x82; /* length header -- 2 length octets */ 507*47e946e7SWyllys Ingersoll buf[2] = (data_len >> 8) & 0xFF; 508*47e946e7SWyllys Ingersoll buf[3] = (data_len) & 0xFF; 509*47e946e7SWyllys Ingersoll 510*47e946e7SWyllys Ingersoll (void) memcpy(&buf[4], data, data_len); 511*47e946e7SWyllys Ingersoll 512*47e946e7SWyllys Ingersoll *str_len = len; 513*47e946e7SWyllys Ingersoll *str = buf; 514*47e946e7SWyllys Ingersoll return (CKR_OK); 515*47e946e7SWyllys Ingersoll } 516*47e946e7SWyllys Ingersoll 517*47e946e7SWyllys Ingersoll if (data_len < (1 << 24)) { 518*47e946e7SWyllys Ingersoll buf[0] = 0x04; /* primitive, OCTET STRING */ 519*47e946e7SWyllys Ingersoll buf[1] = 0x83; /* length header -- 3 length octets */ 520*47e946e7SWyllys Ingersoll buf[2] = (data_len >> 16) & 0xFF; 521*47e946e7SWyllys Ingersoll buf[3] = (data_len >> 8) & 0xFF; 522*47e946e7SWyllys Ingersoll buf[4] = (data_len) & 0xFF; 523*47e946e7SWyllys Ingersoll 524*47e946e7SWyllys Ingersoll (void) memcpy(&buf[5], data, data_len); 525*47e946e7SWyllys Ingersoll 526*47e946e7SWyllys Ingersoll *str_len = len; 527*47e946e7SWyllys Ingersoll *str = buf; 528*47e946e7SWyllys Ingersoll return (CKR_OK); 529*47e946e7SWyllys Ingersoll } 530*47e946e7SWyllys Ingersoll 531*47e946e7SWyllys Ingersoll free(buf); 532*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 533*47e946e7SWyllys Ingersoll } 534*47e946e7SWyllys Ingersoll 535*47e946e7SWyllys Ingersoll CK_RV 536*47e946e7SWyllys Ingersoll ber_decode_OCTET_STRING(CK_BYTE * str, 537*47e946e7SWyllys Ingersoll CK_BYTE ** data, 538*47e946e7SWyllys Ingersoll CK_ULONG * data_len, 539*47e946e7SWyllys Ingersoll CK_ULONG * field_len) 540*47e946e7SWyllys Ingersoll { 541*47e946e7SWyllys Ingersoll CK_ULONG len, length_octets; 542*47e946e7SWyllys Ingersoll 543*47e946e7SWyllys Ingersoll if (! str) { 544*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 545*47e946e7SWyllys Ingersoll } 546*47e946e7SWyllys Ingersoll if (str[0] != 0x04) { 547*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 548*47e946e7SWyllys Ingersoll } 549*47e946e7SWyllys Ingersoll if ((str[1] & 0x80) == 0) { 550*47e946e7SWyllys Ingersoll len = str[1] & 0x7F; 551*47e946e7SWyllys Ingersoll 552*47e946e7SWyllys Ingersoll *data = &str[2]; 553*47e946e7SWyllys Ingersoll *data_len = len; 554*47e946e7SWyllys Ingersoll *field_len = 1 + (1) + len; 555*47e946e7SWyllys Ingersoll return (CKR_OK); 556*47e946e7SWyllys Ingersoll } 557*47e946e7SWyllys Ingersoll 558*47e946e7SWyllys Ingersoll length_octets = str[1] & 0x7F; 559*47e946e7SWyllys Ingersoll 560*47e946e7SWyllys Ingersoll if (length_octets == 1) { 561*47e946e7SWyllys Ingersoll len = str[2]; 562*47e946e7SWyllys Ingersoll 563*47e946e7SWyllys Ingersoll *data = &str[3]; 564*47e946e7SWyllys Ingersoll *data_len = len; 565*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 1) + len; 566*47e946e7SWyllys Ingersoll return (CKR_OK); 567*47e946e7SWyllys Ingersoll } 568*47e946e7SWyllys Ingersoll 569*47e946e7SWyllys Ingersoll if (length_octets == 2) { 570*47e946e7SWyllys Ingersoll len = str[2]; 571*47e946e7SWyllys Ingersoll len = len << 8; 572*47e946e7SWyllys Ingersoll len |= str[3]; 573*47e946e7SWyllys Ingersoll 574*47e946e7SWyllys Ingersoll *data = &str[4]; 575*47e946e7SWyllys Ingersoll *data_len = len; 576*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 2) + len; 577*47e946e7SWyllys Ingersoll return (CKR_OK); 578*47e946e7SWyllys Ingersoll } 579*47e946e7SWyllys Ingersoll 580*47e946e7SWyllys Ingersoll if (length_octets == 3) { 581*47e946e7SWyllys Ingersoll len = str[2]; 582*47e946e7SWyllys Ingersoll len = len << 8; 583*47e946e7SWyllys Ingersoll len |= str[3]; 584*47e946e7SWyllys Ingersoll len = len << 8; 585*47e946e7SWyllys Ingersoll len |= str[4]; 586*47e946e7SWyllys Ingersoll 587*47e946e7SWyllys Ingersoll *data = &str[5]; 588*47e946e7SWyllys Ingersoll *data_len = len; 589*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 3) + len; 590*47e946e7SWyllys Ingersoll return (CKR_OK); 591*47e946e7SWyllys Ingersoll } 592*47e946e7SWyllys Ingersoll 593*47e946e7SWyllys Ingersoll /* > 3 length octets implies a length > 16MB */ 594*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 595*47e946e7SWyllys Ingersoll } 596*47e946e7SWyllys Ingersoll 597*47e946e7SWyllys Ingersoll CK_RV 598*47e946e7SWyllys Ingersoll ber_encode_SEQUENCE(CK_BBOOL length_only, 599*47e946e7SWyllys Ingersoll CK_BYTE ** seq, 600*47e946e7SWyllys Ingersoll CK_ULONG * seq_len, 601*47e946e7SWyllys Ingersoll CK_BYTE * data, 602*47e946e7SWyllys Ingersoll CK_ULONG data_len) 603*47e946e7SWyllys Ingersoll { 604*47e946e7SWyllys Ingersoll CK_BYTE *buf = NULL; 605*47e946e7SWyllys Ingersoll CK_ULONG len; 606*47e946e7SWyllys Ingersoll 607*47e946e7SWyllys Ingersoll if (data_len < 128) 608*47e946e7SWyllys Ingersoll len = 1 + 1 + data_len; 609*47e946e7SWyllys Ingersoll else if (data_len < 256) 610*47e946e7SWyllys Ingersoll len = 1 + (1 + 1) + data_len; 611*47e946e7SWyllys Ingersoll else if (data_len < (1 << 16)) 612*47e946e7SWyllys Ingersoll len = 1 + (1 + 2) + data_len; 613*47e946e7SWyllys Ingersoll else if (data_len < (1 << 24)) 614*47e946e7SWyllys Ingersoll len = 1 + (1 + 3) + data_len; 615*47e946e7SWyllys Ingersoll else 616*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 617*47e946e7SWyllys Ingersoll 618*47e946e7SWyllys Ingersoll if (length_only == TRUE) { 619*47e946e7SWyllys Ingersoll *seq_len = len; 620*47e946e7SWyllys Ingersoll return (CKR_OK); 621*47e946e7SWyllys Ingersoll } 622*47e946e7SWyllys Ingersoll 623*47e946e7SWyllys Ingersoll buf = (CK_BYTE *)malloc(len); 624*47e946e7SWyllys Ingersoll if (! buf) { 625*47e946e7SWyllys Ingersoll return (CKR_HOST_MEMORY); 626*47e946e7SWyllys Ingersoll } 627*47e946e7SWyllys Ingersoll 628*47e946e7SWyllys Ingersoll if (data_len < 128) { 629*47e946e7SWyllys Ingersoll buf[0] = 0x30; /* constructed, SEQUENCE */ 630*47e946e7SWyllys Ingersoll buf[1] = data_len; 631*47e946e7SWyllys Ingersoll (void) memcpy(&buf[2], data, data_len); 632*47e946e7SWyllys Ingersoll 633*47e946e7SWyllys Ingersoll *seq_len = len; 634*47e946e7SWyllys Ingersoll *seq = buf; 635*47e946e7SWyllys Ingersoll return (CKR_OK); 636*47e946e7SWyllys Ingersoll } 637*47e946e7SWyllys Ingersoll 638*47e946e7SWyllys Ingersoll if (data_len < 256) { 639*47e946e7SWyllys Ingersoll buf[0] = 0x30; /* constructed, SEQUENCE */ 640*47e946e7SWyllys Ingersoll buf[1] = 0x81; /* length header -- 1 length octets */ 641*47e946e7SWyllys Ingersoll buf[2] = data_len; 642*47e946e7SWyllys Ingersoll 643*47e946e7SWyllys Ingersoll (void) memcpy(&buf[3], data, data_len); 644*47e946e7SWyllys Ingersoll 645*47e946e7SWyllys Ingersoll *seq_len = len; 646*47e946e7SWyllys Ingersoll *seq = buf; 647*47e946e7SWyllys Ingersoll return (CKR_OK); 648*47e946e7SWyllys Ingersoll } 649*47e946e7SWyllys Ingersoll 650*47e946e7SWyllys Ingersoll if (data_len < (1 << 16)) { 651*47e946e7SWyllys Ingersoll buf[0] = 0x30; /* constructed, SEQUENCE */ 652*47e946e7SWyllys Ingersoll buf[1] = 0x82; /* length header -- 2 length octets */ 653*47e946e7SWyllys Ingersoll buf[2] = (data_len >> 8) & 0xFF; 654*47e946e7SWyllys Ingersoll buf[3] = (data_len) & 0xFF; 655*47e946e7SWyllys Ingersoll 656*47e946e7SWyllys Ingersoll (void) memcpy(&buf[4], data, data_len); 657*47e946e7SWyllys Ingersoll 658*47e946e7SWyllys Ingersoll *seq_len = len; 659*47e946e7SWyllys Ingersoll *seq = buf; 660*47e946e7SWyllys Ingersoll return (CKR_OK); 661*47e946e7SWyllys Ingersoll } 662*47e946e7SWyllys Ingersoll 663*47e946e7SWyllys Ingersoll if (data_len < (1 << 24)) { 664*47e946e7SWyllys Ingersoll buf[0] = 0x30; /* constructed, SEQUENCE */ 665*47e946e7SWyllys Ingersoll buf[1] = 0x83; /* length header -- 3 length octets */ 666*47e946e7SWyllys Ingersoll buf[2] = (data_len >> 16) & 0xFF; 667*47e946e7SWyllys Ingersoll buf[3] = (data_len >> 8) & 0xFF; 668*47e946e7SWyllys Ingersoll buf[4] = (data_len) & 0xFF; 669*47e946e7SWyllys Ingersoll 670*47e946e7SWyllys Ingersoll (void) memcpy(&buf[5], data, data_len); 671*47e946e7SWyllys Ingersoll 672*47e946e7SWyllys Ingersoll *seq_len = len; 673*47e946e7SWyllys Ingersoll *seq = buf; 674*47e946e7SWyllys Ingersoll return (CKR_OK); 675*47e946e7SWyllys Ingersoll } 676*47e946e7SWyllys Ingersoll 677*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 678*47e946e7SWyllys Ingersoll } 679*47e946e7SWyllys Ingersoll 680*47e946e7SWyllys Ingersoll CK_RV 681*47e946e7SWyllys Ingersoll ber_decode_SEQUENCE(CK_BYTE * seq, 682*47e946e7SWyllys Ingersoll CK_BYTE ** data, 683*47e946e7SWyllys Ingersoll CK_ULONG * data_len, 684*47e946e7SWyllys Ingersoll CK_ULONG * field_len) 685*47e946e7SWyllys Ingersoll { 686*47e946e7SWyllys Ingersoll CK_ULONG len, length_octets; 687*47e946e7SWyllys Ingersoll 688*47e946e7SWyllys Ingersoll if (! seq) { 689*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 690*47e946e7SWyllys Ingersoll } 691*47e946e7SWyllys Ingersoll if (seq[0] != 0x30) { 692*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 693*47e946e7SWyllys Ingersoll } 694*47e946e7SWyllys Ingersoll if ((seq[1] & 0x80) == 0) { 695*47e946e7SWyllys Ingersoll len = seq[1] & 0x7F; 696*47e946e7SWyllys Ingersoll 697*47e946e7SWyllys Ingersoll *data = &seq[2]; 698*47e946e7SWyllys Ingersoll *data_len = len; 699*47e946e7SWyllys Ingersoll *field_len = 1 + (1) + len; 700*47e946e7SWyllys Ingersoll return (CKR_OK); 701*47e946e7SWyllys Ingersoll } 702*47e946e7SWyllys Ingersoll 703*47e946e7SWyllys Ingersoll length_octets = seq[1] & 0x7F; 704*47e946e7SWyllys Ingersoll 705*47e946e7SWyllys Ingersoll if (length_octets == 1) { 706*47e946e7SWyllys Ingersoll len = seq[2]; 707*47e946e7SWyllys Ingersoll 708*47e946e7SWyllys Ingersoll *data = &seq[3]; 709*47e946e7SWyllys Ingersoll *data_len = len; 710*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 1) + len; 711*47e946e7SWyllys Ingersoll return (CKR_OK); 712*47e946e7SWyllys Ingersoll } 713*47e946e7SWyllys Ingersoll 714*47e946e7SWyllys Ingersoll if (length_octets == 2) { 715*47e946e7SWyllys Ingersoll len = seq[2]; 716*47e946e7SWyllys Ingersoll len = len << 8; 717*47e946e7SWyllys Ingersoll len |= seq[3]; 718*47e946e7SWyllys Ingersoll 719*47e946e7SWyllys Ingersoll *data = &seq[4]; 720*47e946e7SWyllys Ingersoll *data_len = len; 721*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 2) + len; 722*47e946e7SWyllys Ingersoll return (CKR_OK); 723*47e946e7SWyllys Ingersoll } 724*47e946e7SWyllys Ingersoll 725*47e946e7SWyllys Ingersoll if (length_octets == 3) { 726*47e946e7SWyllys Ingersoll len = seq[2]; 727*47e946e7SWyllys Ingersoll len = len << 8; 728*47e946e7SWyllys Ingersoll len |= seq[3]; 729*47e946e7SWyllys Ingersoll len = len << 8; 730*47e946e7SWyllys Ingersoll len |= seq[4]; 731*47e946e7SWyllys Ingersoll 732*47e946e7SWyllys Ingersoll *data = &seq[5]; 733*47e946e7SWyllys Ingersoll *data_len = len; 734*47e946e7SWyllys Ingersoll *field_len = 1 + (1 + 3) + len; 735*47e946e7SWyllys Ingersoll return (CKR_OK); 736*47e946e7SWyllys Ingersoll } 737*47e946e7SWyllys Ingersoll 738*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 739*47e946e7SWyllys Ingersoll } 740*47e946e7SWyllys Ingersoll 741*47e946e7SWyllys Ingersoll /* 742*47e946e7SWyllys Ingersoll * 743*47e946e7SWyllys Ingersoll * PrivateKeyInfo ::= SEQUENCE { 744*47e946e7SWyllys Ingersoll * version Version -- always '0' for now 745*47e946e7SWyllys Ingersoll * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier 746*47e946e7SWyllys Ingersoll * privateKey PrivateKey 747*47e946e7SWyllys Ingersoll * attributes 748*47e946e7SWyllys Ingersoll * } 749*47e946e7SWyllys Ingersoll */ 750*47e946e7SWyllys Ingersoll CK_RV 751*47e946e7SWyllys Ingersoll ber_encode_PrivateKeyInfo(CK_BBOOL length_only, 752*47e946e7SWyllys Ingersoll CK_BYTE ** data, 753*47e946e7SWyllys Ingersoll CK_ULONG * data_len, 754*47e946e7SWyllys Ingersoll CK_BYTE * algorithm_id, 755*47e946e7SWyllys Ingersoll CK_ULONG algorithm_id_len, 756*47e946e7SWyllys Ingersoll CK_BYTE * priv_key, 757*47e946e7SWyllys Ingersoll CK_ULONG priv_key_len) 758*47e946e7SWyllys Ingersoll { 759*47e946e7SWyllys Ingersoll CK_BYTE * buf = NULL; 760*47e946e7SWyllys Ingersoll CK_BYTE * tmp = NULL; 761*47e946e7SWyllys Ingersoll CK_BYTE version[] = { 0 }; 762*47e946e7SWyllys Ingersoll CK_BYTE attrib[] = { 0x05, 0x00 }; 763*47e946e7SWyllys Ingersoll CK_ULONG len, total; 764*47e946e7SWyllys Ingersoll CK_RV rc; 765*47e946e7SWyllys Ingersoll 766*47e946e7SWyllys Ingersoll len = 0; 767*47e946e7SWyllys Ingersoll 768*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(TRUE, NULL, &total, version, sizeof (version)); 769*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 770*47e946e7SWyllys Ingersoll return (rc); 771*47e946e7SWyllys Ingersoll } 772*47e946e7SWyllys Ingersoll else 773*47e946e7SWyllys Ingersoll len += total; 774*47e946e7SWyllys Ingersoll 775*47e946e7SWyllys Ingersoll len += algorithm_id_len; 776*47e946e7SWyllys Ingersoll 777*47e946e7SWyllys Ingersoll rc = ber_encode_OCTET_STRING(TRUE, NULL, &total, 778*47e946e7SWyllys Ingersoll priv_key, priv_key_len); 779*47e946e7SWyllys Ingersoll 780*47e946e7SWyllys Ingersoll if (rc != CKR_OK) 781*47e946e7SWyllys Ingersoll return (rc); 782*47e946e7SWyllys Ingersoll 783*47e946e7SWyllys Ingersoll len += total; 784*47e946e7SWyllys Ingersoll 785*47e946e7SWyllys Ingersoll /* for this stuff, attributes are always NULL == 05 00 */ 786*47e946e7SWyllys Ingersoll len += sizeof (attrib); 787*47e946e7SWyllys Ingersoll 788*47e946e7SWyllys Ingersoll if (length_only == TRUE) { 789*47e946e7SWyllys Ingersoll rc = ber_encode_SEQUENCE(TRUE, NULL, &total, NULL, len); 790*47e946e7SWyllys Ingersoll 791*47e946e7SWyllys Ingersoll if (rc == CKR_OK) 792*47e946e7SWyllys Ingersoll *data_len = total; 793*47e946e7SWyllys Ingersoll return (rc); 794*47e946e7SWyllys Ingersoll } 795*47e946e7SWyllys Ingersoll 796*47e946e7SWyllys Ingersoll buf = (CK_BYTE *)malloc(len); 797*47e946e7SWyllys Ingersoll if (! buf) { 798*47e946e7SWyllys Ingersoll return (CKR_HOST_MEMORY); 799*47e946e7SWyllys Ingersoll } 800*47e946e7SWyllys Ingersoll len = 0; 801*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &tmp, &total, version, sizeof (version)); 802*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 803*47e946e7SWyllys Ingersoll goto error; 804*47e946e7SWyllys Ingersoll } 805*47e946e7SWyllys Ingersoll (void) memcpy(buf + len, tmp, total); 806*47e946e7SWyllys Ingersoll len += total; 807*47e946e7SWyllys Ingersoll free(tmp); 808*47e946e7SWyllys Ingersoll 809*47e946e7SWyllys Ingersoll (void) memcpy(buf + len, algorithm_id, algorithm_id_len); 810*47e946e7SWyllys Ingersoll len += algorithm_id_len; 811*47e946e7SWyllys Ingersoll 812*47e946e7SWyllys Ingersoll rc = ber_encode_OCTET_STRING(FALSE, &tmp, &total, 813*47e946e7SWyllys Ingersoll priv_key, priv_key_len); 814*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 815*47e946e7SWyllys Ingersoll goto error; 816*47e946e7SWyllys Ingersoll } 817*47e946e7SWyllys Ingersoll (void) memcpy(buf + len, tmp, total); 818*47e946e7SWyllys Ingersoll len += total; 819*47e946e7SWyllys Ingersoll free(tmp); 820*47e946e7SWyllys Ingersoll 821*47e946e7SWyllys Ingersoll (void) memcpy(buf + len, attrib, sizeof (attrib)); 822*47e946e7SWyllys Ingersoll len += sizeof (attrib); 823*47e946e7SWyllys Ingersoll 824*47e946e7SWyllys Ingersoll rc = ber_encode_SEQUENCE(FALSE, data, data_len, buf, len); 825*47e946e7SWyllys Ingersoll 826*47e946e7SWyllys Ingersoll error: 827*47e946e7SWyllys Ingersoll free(buf); 828*47e946e7SWyllys Ingersoll return (rc); 829*47e946e7SWyllys Ingersoll } 830*47e946e7SWyllys Ingersoll 831*47e946e7SWyllys Ingersoll CK_RV 832*47e946e7SWyllys Ingersoll ber_decode_PrivateKeyInfo(CK_BYTE * data, 833*47e946e7SWyllys Ingersoll CK_ULONG data_len, 834*47e946e7SWyllys Ingersoll CK_BYTE ** algorithm, 835*47e946e7SWyllys Ingersoll CK_ULONG * alg_len, 836*47e946e7SWyllys Ingersoll CK_BYTE ** priv_key) 837*47e946e7SWyllys Ingersoll { 838*47e946e7SWyllys Ingersoll CK_BYTE *buf = NULL; 839*47e946e7SWyllys Ingersoll CK_BYTE *alg = NULL; 840*47e946e7SWyllys Ingersoll CK_BYTE *ver = NULL; 841*47e946e7SWyllys Ingersoll CK_ULONG buf_len, offset, len, field_len; 842*47e946e7SWyllys Ingersoll CK_RV rc; 843*47e946e7SWyllys Ingersoll 844*47e946e7SWyllys Ingersoll if (! data || (data_len == 0)) { 845*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 846*47e946e7SWyllys Ingersoll } 847*47e946e7SWyllys Ingersoll rc = ber_decode_SEQUENCE(data, &buf, &buf_len, &field_len); 848*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 849*47e946e7SWyllys Ingersoll return (rc); 850*47e946e7SWyllys Ingersoll } 851*47e946e7SWyllys Ingersoll offset = 0; 852*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &ver, &len, &field_len); 853*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 854*47e946e7SWyllys Ingersoll return (rc); 855*47e946e7SWyllys Ingersoll } 856*47e946e7SWyllys Ingersoll offset += field_len; 857*47e946e7SWyllys Ingersoll 858*47e946e7SWyllys Ingersoll rc = ber_decode_SEQUENCE(buf + offset, &alg, &len, &field_len); 859*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 860*47e946e7SWyllys Ingersoll return (rc); 861*47e946e7SWyllys Ingersoll } 862*47e946e7SWyllys Ingersoll *algorithm = alg; 863*47e946e7SWyllys Ingersoll *alg_len = len; 864*47e946e7SWyllys Ingersoll 865*47e946e7SWyllys Ingersoll rc = ber_decode_OCTET_STRING(alg + len, priv_key, &buf_len, &field_len); 866*47e946e7SWyllys Ingersoll return (rc); 867*47e946e7SWyllys Ingersoll } 868*47e946e7SWyllys Ingersoll 869*47e946e7SWyllys Ingersoll /* 870*47e946e7SWyllys Ingersoll * RSAPrivateKey ::= SEQUENCE { 871*47e946e7SWyllys Ingersoll * version Version -- always '0' for now 872*47e946e7SWyllys Ingersoll * modulus INTEGER 873*47e946e7SWyllys Ingersoll * publicExponent INTEGER 874*47e946e7SWyllys Ingersoll * privateExponent INTEGER 875*47e946e7SWyllys Ingersoll * prime1 INTEGER 876*47e946e7SWyllys Ingersoll * prime2 INTEGER 877*47e946e7SWyllys Ingersoll * exponent1 INTEGER 878*47e946e7SWyllys Ingersoll * exponent2 INTEGER 879*47e946e7SWyllys Ingersoll * coefficient INTEGER 880*47e946e7SWyllys Ingersoll * } 881*47e946e7SWyllys Ingersoll */ 882*47e946e7SWyllys Ingersoll CK_RV 883*47e946e7SWyllys Ingersoll ber_encode_RSAPrivateKey(CK_BBOOL length_only, 884*47e946e7SWyllys Ingersoll CK_BYTE ** data, 885*47e946e7SWyllys Ingersoll CK_ULONG * data_len, 886*47e946e7SWyllys Ingersoll CK_ATTRIBUTE * modulus, 887*47e946e7SWyllys Ingersoll CK_ATTRIBUTE * publ_exp, 888*47e946e7SWyllys Ingersoll CK_ATTRIBUTE * priv_exp, 889*47e946e7SWyllys Ingersoll CK_ATTRIBUTE * prime1, 890*47e946e7SWyllys Ingersoll CK_ATTRIBUTE * prime2, 891*47e946e7SWyllys Ingersoll CK_ATTRIBUTE * exponent1, 892*47e946e7SWyllys Ingersoll CK_ATTRIBUTE * exponent2, 893*47e946e7SWyllys Ingersoll CK_ATTRIBUTE * coeff) 894*47e946e7SWyllys Ingersoll { 895*47e946e7SWyllys Ingersoll CK_BYTE *buf = NULL; 896*47e946e7SWyllys Ingersoll CK_BYTE *buf2 = NULL; 897*47e946e7SWyllys Ingersoll CK_ULONG len, offset; 898*47e946e7SWyllys Ingersoll CK_BYTE version[] = { 0 }; 899*47e946e7SWyllys Ingersoll CK_RV rc; 900*47e946e7SWyllys Ingersoll 901*47e946e7SWyllys Ingersoll offset = 0; 902*47e946e7SWyllys Ingersoll rc = 0; 903*47e946e7SWyllys Ingersoll 904*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 905*47e946e7SWyllys Ingersoll sizeof (version)); 906*47e946e7SWyllys Ingersoll offset += len; 907*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 908*47e946e7SWyllys Ingersoll modulus->ulValueLen); 909*47e946e7SWyllys Ingersoll offset += len; 910*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 911*47e946e7SWyllys Ingersoll publ_exp->ulValueLen); 912*47e946e7SWyllys Ingersoll offset += len; 913*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 914*47e946e7SWyllys Ingersoll priv_exp->ulValueLen); 915*47e946e7SWyllys Ingersoll offset += len; 916*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 917*47e946e7SWyllys Ingersoll prime1->ulValueLen); 918*47e946e7SWyllys Ingersoll offset += len; 919*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 920*47e946e7SWyllys Ingersoll prime2->ulValueLen); 921*47e946e7SWyllys Ingersoll offset += len; 922*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 923*47e946e7SWyllys Ingersoll exponent1->ulValueLen); 924*47e946e7SWyllys Ingersoll offset += len; 925*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 926*47e946e7SWyllys Ingersoll exponent2->ulValueLen); 927*47e946e7SWyllys Ingersoll offset += len; 928*47e946e7SWyllys Ingersoll rc |= ber_encode_INTEGER(TRUE, NULL, &len, NULL, 929*47e946e7SWyllys Ingersoll coeff->ulValueLen); 930*47e946e7SWyllys Ingersoll offset += len; 931*47e946e7SWyllys Ingersoll 932*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 933*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 934*47e946e7SWyllys Ingersoll } 935*47e946e7SWyllys Ingersoll if (length_only == TRUE) { 936*47e946e7SWyllys Ingersoll rc = ber_encode_SEQUENCE(TRUE, NULL, &len, NULL, offset); 937*47e946e7SWyllys Ingersoll if (rc != CKR_OK) 938*47e946e7SWyllys Ingersoll return (rc); 939*47e946e7SWyllys Ingersoll rc = ber_encode_PrivateKeyInfo(TRUE, 940*47e946e7SWyllys Ingersoll NULL, data_len, 941*47e946e7SWyllys Ingersoll NULL, ber_AlgIdRSAEncryptionLen, 942*47e946e7SWyllys Ingersoll NULL, len); 943*47e946e7SWyllys Ingersoll if (rc != CKR_OK) 944*47e946e7SWyllys Ingersoll return (rc); 945*47e946e7SWyllys Ingersoll return (rc); 946*47e946e7SWyllys Ingersoll } 947*47e946e7SWyllys Ingersoll 948*47e946e7SWyllys Ingersoll buf = (CK_BYTE *)malloc(offset); 949*47e946e7SWyllys Ingersoll if (! buf) { 950*47e946e7SWyllys Ingersoll return (CKR_HOST_MEMORY); 951*47e946e7SWyllys Ingersoll } 952*47e946e7SWyllys Ingersoll offset = 0; 953*47e946e7SWyllys Ingersoll rc = 0; 954*47e946e7SWyllys Ingersoll 955*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, version, sizeof (version)); 956*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 957*47e946e7SWyllys Ingersoll goto error; 958*47e946e7SWyllys Ingersoll } 959*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 960*47e946e7SWyllys Ingersoll offset += len; 961*47e946e7SWyllys Ingersoll free(buf2); 962*47e946e7SWyllys Ingersoll 963*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, 964*47e946e7SWyllys Ingersoll (CK_BYTE *)modulus + sizeof (CK_ATTRIBUTE), modulus->ulValueLen); 965*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 966*47e946e7SWyllys Ingersoll goto error; 967*47e946e7SWyllys Ingersoll } 968*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 969*47e946e7SWyllys Ingersoll offset += len; 970*47e946e7SWyllys Ingersoll free(buf2); 971*47e946e7SWyllys Ingersoll 972*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, 973*47e946e7SWyllys Ingersoll (CK_BYTE *)publ_exp + sizeof (CK_ATTRIBUTE), publ_exp->ulValueLen); 974*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 975*47e946e7SWyllys Ingersoll goto error; 976*47e946e7SWyllys Ingersoll } 977*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 978*47e946e7SWyllys Ingersoll offset += len; 979*47e946e7SWyllys Ingersoll free(buf2); 980*47e946e7SWyllys Ingersoll 981*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, 982*47e946e7SWyllys Ingersoll (CK_BYTE *)priv_exp + sizeof (CK_ATTRIBUTE), 983*47e946e7SWyllys Ingersoll priv_exp->ulValueLen); 984*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 985*47e946e7SWyllys Ingersoll goto error; 986*47e946e7SWyllys Ingersoll } 987*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 988*47e946e7SWyllys Ingersoll offset += len; 989*47e946e7SWyllys Ingersoll free(buf2); 990*47e946e7SWyllys Ingersoll 991*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, 992*47e946e7SWyllys Ingersoll (CK_BYTE *)prime1 + sizeof (CK_ATTRIBUTE), prime1->ulValueLen); 993*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 994*47e946e7SWyllys Ingersoll goto error; 995*47e946e7SWyllys Ingersoll } 996*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 997*47e946e7SWyllys Ingersoll offset += len; 998*47e946e7SWyllys Ingersoll free(buf2); 999*47e946e7SWyllys Ingersoll 1000*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, 1001*47e946e7SWyllys Ingersoll (CK_BYTE *)prime2 + sizeof (CK_ATTRIBUTE), prime2->ulValueLen); 1002*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1003*47e946e7SWyllys Ingersoll goto error; 1004*47e946e7SWyllys Ingersoll } 1005*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 1006*47e946e7SWyllys Ingersoll offset += len; 1007*47e946e7SWyllys Ingersoll free(buf2); 1008*47e946e7SWyllys Ingersoll 1009*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, 1010*47e946e7SWyllys Ingersoll (CK_BYTE *)exponent1 + sizeof (CK_ATTRIBUTE), 1011*47e946e7SWyllys Ingersoll exponent1->ulValueLen); 1012*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1013*47e946e7SWyllys Ingersoll goto error; 1014*47e946e7SWyllys Ingersoll } 1015*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 1016*47e946e7SWyllys Ingersoll offset += len; 1017*47e946e7SWyllys Ingersoll free(buf2); 1018*47e946e7SWyllys Ingersoll 1019*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, 1020*47e946e7SWyllys Ingersoll (CK_BYTE *)exponent2 + sizeof (CK_ATTRIBUTE), 1021*47e946e7SWyllys Ingersoll exponent2->ulValueLen); 1022*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1023*47e946e7SWyllys Ingersoll goto error; 1024*47e946e7SWyllys Ingersoll } 1025*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 1026*47e946e7SWyllys Ingersoll offset += len; 1027*47e946e7SWyllys Ingersoll free(buf2); 1028*47e946e7SWyllys Ingersoll 1029*47e946e7SWyllys Ingersoll rc = ber_encode_INTEGER(FALSE, &buf2, &len, 1030*47e946e7SWyllys Ingersoll (CK_BYTE *)coeff + sizeof (CK_ATTRIBUTE), coeff->ulValueLen); 1031*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1032*47e946e7SWyllys Ingersoll goto error; 1033*47e946e7SWyllys Ingersoll } 1034*47e946e7SWyllys Ingersoll (void) memcpy(buf + offset, buf2, len); 1035*47e946e7SWyllys Ingersoll offset += len; 1036*47e946e7SWyllys Ingersoll free(buf2); 1037*47e946e7SWyllys Ingersoll 1038*47e946e7SWyllys Ingersoll rc = ber_encode_SEQUENCE(FALSE, &buf2, &len, buf, offset); 1039*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1040*47e946e7SWyllys Ingersoll goto error; 1041*47e946e7SWyllys Ingersoll } 1042*47e946e7SWyllys Ingersoll rc = ber_encode_PrivateKeyInfo(FALSE, 1043*47e946e7SWyllys Ingersoll data, data_len, 1044*47e946e7SWyllys Ingersoll ber_AlgIdRSAEncryption, ber_AlgIdRSAEncryptionLen, 1045*47e946e7SWyllys Ingersoll buf2, len); 1046*47e946e7SWyllys Ingersoll error: 1047*47e946e7SWyllys Ingersoll if (buf2) free(buf2); 1048*47e946e7SWyllys Ingersoll if (buf) free(buf); 1049*47e946e7SWyllys Ingersoll return (rc); 1050*47e946e7SWyllys Ingersoll } 1051*47e946e7SWyllys Ingersoll 1052*47e946e7SWyllys Ingersoll CK_RV 1053*47e946e7SWyllys Ingersoll ber_decode_RSAPrivateKey(CK_BYTE * data, 1054*47e946e7SWyllys Ingersoll CK_ULONG data_len, 1055*47e946e7SWyllys Ingersoll CK_ATTRIBUTE ** modulus, 1056*47e946e7SWyllys Ingersoll CK_ATTRIBUTE ** publ_exp, 1057*47e946e7SWyllys Ingersoll CK_ATTRIBUTE ** priv_exp, 1058*47e946e7SWyllys Ingersoll CK_ATTRIBUTE ** prime1, 1059*47e946e7SWyllys Ingersoll CK_ATTRIBUTE ** prime2, 1060*47e946e7SWyllys Ingersoll CK_ATTRIBUTE ** exponent1, 1061*47e946e7SWyllys Ingersoll CK_ATTRIBUTE ** exponent2, 1062*47e946e7SWyllys Ingersoll CK_ATTRIBUTE ** coeff) 1063*47e946e7SWyllys Ingersoll { 1064*47e946e7SWyllys Ingersoll CK_ATTRIBUTE *n_attr = NULL; 1065*47e946e7SWyllys Ingersoll CK_ATTRIBUTE *e_attr = NULL; 1066*47e946e7SWyllys Ingersoll CK_ATTRIBUTE *d_attr = NULL; 1067*47e946e7SWyllys Ingersoll CK_ATTRIBUTE *p_attr = NULL; 1068*47e946e7SWyllys Ingersoll CK_ATTRIBUTE *q_attr = NULL; 1069*47e946e7SWyllys Ingersoll CK_ATTRIBUTE *e1_attr = NULL; 1070*47e946e7SWyllys Ingersoll CK_ATTRIBUTE *e2_attr = NULL; 1071*47e946e7SWyllys Ingersoll CK_ATTRIBUTE *coeff_attr = NULL; 1072*47e946e7SWyllys Ingersoll 1073*47e946e7SWyllys Ingersoll CK_BYTE *alg = NULL; 1074*47e946e7SWyllys Ingersoll CK_BYTE *rsa_priv_key = NULL; 1075*47e946e7SWyllys Ingersoll CK_BYTE *buf = NULL; 1076*47e946e7SWyllys Ingersoll CK_BYTE *tmp = NULL; 1077*47e946e7SWyllys Ingersoll CK_ULONG offset, buf_len, field_len, len; 1078*47e946e7SWyllys Ingersoll CK_RV rc; 1079*47e946e7SWyllys Ingersoll 1080*47e946e7SWyllys Ingersoll rc = ber_decode_PrivateKeyInfo(data, data_len, &alg, 1081*47e946e7SWyllys Ingersoll &len, &rsa_priv_key); 1082*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1083*47e946e7SWyllys Ingersoll return (rc); 1084*47e946e7SWyllys Ingersoll } 1085*47e946e7SWyllys Ingersoll if (memcmp(alg, ber_rsaEncryption, ber_rsaEncryptionLen) != 0) { 1086*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 1087*47e946e7SWyllys Ingersoll } 1088*47e946e7SWyllys Ingersoll rc = ber_decode_SEQUENCE(rsa_priv_key, &buf, &buf_len, &field_len); 1089*47e946e7SWyllys Ingersoll if (rc != CKR_OK) 1090*47e946e7SWyllys Ingersoll return (rc); 1091*47e946e7SWyllys Ingersoll offset = 0; 1092*47e946e7SWyllys Ingersoll 1093*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1094*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1095*47e946e7SWyllys Ingersoll goto cleanup; 1096*47e946e7SWyllys Ingersoll } 1097*47e946e7SWyllys Ingersoll offset += field_len; 1098*47e946e7SWyllys Ingersoll 1099*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1100*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1101*47e946e7SWyllys Ingersoll goto cleanup; 1102*47e946e7SWyllys Ingersoll } 1103*47e946e7SWyllys Ingersoll offset += field_len; 1104*47e946e7SWyllys Ingersoll 1105*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1106*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1107*47e946e7SWyllys Ingersoll goto cleanup; 1108*47e946e7SWyllys Ingersoll } 1109*47e946e7SWyllys Ingersoll offset += field_len; 1110*47e946e7SWyllys Ingersoll 1111*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1112*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1113*47e946e7SWyllys Ingersoll goto cleanup; 1114*47e946e7SWyllys Ingersoll } 1115*47e946e7SWyllys Ingersoll offset += field_len; 1116*47e946e7SWyllys Ingersoll 1117*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1118*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1119*47e946e7SWyllys Ingersoll goto cleanup; 1120*47e946e7SWyllys Ingersoll } 1121*47e946e7SWyllys Ingersoll offset += field_len; 1122*47e946e7SWyllys Ingersoll 1123*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1124*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1125*47e946e7SWyllys Ingersoll goto cleanup; 1126*47e946e7SWyllys Ingersoll } 1127*47e946e7SWyllys Ingersoll offset += field_len; 1128*47e946e7SWyllys Ingersoll 1129*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1130*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1131*47e946e7SWyllys Ingersoll goto cleanup; 1132*47e946e7SWyllys Ingersoll } 1133*47e946e7SWyllys Ingersoll offset += field_len; 1134*47e946e7SWyllys Ingersoll 1135*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1136*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1137*47e946e7SWyllys Ingersoll goto cleanup; 1138*47e946e7SWyllys Ingersoll } 1139*47e946e7SWyllys Ingersoll offset += field_len; 1140*47e946e7SWyllys Ingersoll 1141*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1142*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1143*47e946e7SWyllys Ingersoll goto cleanup; 1144*47e946e7SWyllys Ingersoll } 1145*47e946e7SWyllys Ingersoll offset += field_len; 1146*47e946e7SWyllys Ingersoll 1147*47e946e7SWyllys Ingersoll if (offset > buf_len) { 1148*47e946e7SWyllys Ingersoll return (CKR_FUNCTION_FAILED); 1149*47e946e7SWyllys Ingersoll } 1150*47e946e7SWyllys Ingersoll 1151*47e946e7SWyllys Ingersoll offset = 0; 1152*47e946e7SWyllys Ingersoll 1153*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1154*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1155*47e946e7SWyllys Ingersoll goto cleanup; 1156*47e946e7SWyllys Ingersoll } 1157*47e946e7SWyllys Ingersoll offset += field_len; 1158*47e946e7SWyllys Ingersoll 1159*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1160*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1161*47e946e7SWyllys Ingersoll goto cleanup; 1162*47e946e7SWyllys Ingersoll } else { 1163*47e946e7SWyllys Ingersoll rc = build_attribute(CKA_MODULUS, tmp, len, &n_attr); 1164*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1165*47e946e7SWyllys Ingersoll goto cleanup; 1166*47e946e7SWyllys Ingersoll } 1167*47e946e7SWyllys Ingersoll offset += field_len; 1168*47e946e7SWyllys Ingersoll } 1169*47e946e7SWyllys Ingersoll 1170*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1171*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1172*47e946e7SWyllys Ingersoll goto cleanup; 1173*47e946e7SWyllys Ingersoll } else { 1174*47e946e7SWyllys Ingersoll rc = build_attribute(CKA_PUBLIC_EXPONENT, tmp, len, &e_attr); 1175*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1176*47e946e7SWyllys Ingersoll goto cleanup; 1177*47e946e7SWyllys Ingersoll } 1178*47e946e7SWyllys Ingersoll offset += field_len; 1179*47e946e7SWyllys Ingersoll } 1180*47e946e7SWyllys Ingersoll 1181*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1182*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1183*47e946e7SWyllys Ingersoll goto cleanup; 1184*47e946e7SWyllys Ingersoll } else { 1185*47e946e7SWyllys Ingersoll rc = build_attribute(CKA_PRIVATE_EXPONENT, tmp, len, &d_attr); 1186*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1187*47e946e7SWyllys Ingersoll goto cleanup; 1188*47e946e7SWyllys Ingersoll } 1189*47e946e7SWyllys Ingersoll offset += field_len; 1190*47e946e7SWyllys Ingersoll } 1191*47e946e7SWyllys Ingersoll 1192*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1193*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1194*47e946e7SWyllys Ingersoll goto cleanup; 1195*47e946e7SWyllys Ingersoll } else { 1196*47e946e7SWyllys Ingersoll rc = build_attribute(CKA_PRIME_1, tmp, len, &p_attr); 1197*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1198*47e946e7SWyllys Ingersoll goto cleanup; 1199*47e946e7SWyllys Ingersoll } 1200*47e946e7SWyllys Ingersoll offset += field_len; 1201*47e946e7SWyllys Ingersoll } 1202*47e946e7SWyllys Ingersoll 1203*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1204*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1205*47e946e7SWyllys Ingersoll goto cleanup; 1206*47e946e7SWyllys Ingersoll } else { 1207*47e946e7SWyllys Ingersoll rc = build_attribute(CKA_PRIME_2, tmp, len, &q_attr); 1208*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1209*47e946e7SWyllys Ingersoll goto cleanup; 1210*47e946e7SWyllys Ingersoll } 1211*47e946e7SWyllys Ingersoll offset += field_len; 1212*47e946e7SWyllys Ingersoll } 1213*47e946e7SWyllys Ingersoll 1214*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1215*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1216*47e946e7SWyllys Ingersoll goto cleanup; 1217*47e946e7SWyllys Ingersoll } else { 1218*47e946e7SWyllys Ingersoll rc = build_attribute(CKA_EXPONENT_1, tmp, len, &e1_attr); 1219*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1220*47e946e7SWyllys Ingersoll goto cleanup; 1221*47e946e7SWyllys Ingersoll } 1222*47e946e7SWyllys Ingersoll offset += field_len; 1223*47e946e7SWyllys Ingersoll } 1224*47e946e7SWyllys Ingersoll 1225*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1226*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1227*47e946e7SWyllys Ingersoll goto cleanup; 1228*47e946e7SWyllys Ingersoll } else { 1229*47e946e7SWyllys Ingersoll rc = build_attribute(CKA_EXPONENT_2, tmp, len, &e2_attr); 1230*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1231*47e946e7SWyllys Ingersoll goto cleanup; 1232*47e946e7SWyllys Ingersoll } 1233*47e946e7SWyllys Ingersoll offset += field_len; 1234*47e946e7SWyllys Ingersoll } 1235*47e946e7SWyllys Ingersoll 1236*47e946e7SWyllys Ingersoll rc = ber_decode_INTEGER(buf + offset, &tmp, &len, &field_len); 1237*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1238*47e946e7SWyllys Ingersoll goto cleanup; 1239*47e946e7SWyllys Ingersoll } else { 1240*47e946e7SWyllys Ingersoll rc = build_attribute(CKA_COEFFICIENT, tmp, len, &coeff_attr); 1241*47e946e7SWyllys Ingersoll if (rc != CKR_OK) { 1242*47e946e7SWyllys Ingersoll goto cleanup; 1243*47e946e7SWyllys Ingersoll } 1244*47e946e7SWyllys Ingersoll offset += len; 1245*47e946e7SWyllys Ingersoll } 1246*47e946e7SWyllys Ingersoll 1247*47e946e7SWyllys Ingersoll *modulus = n_attr; 1248*47e946e7SWyllys Ingersoll *publ_exp = e_attr; 1249*47e946e7SWyllys Ingersoll *priv_exp = d_attr; 1250*47e946e7SWyllys Ingersoll *prime1 = p_attr; 1251*47e946e7SWyllys Ingersoll *prime2 = q_attr; 1252*47e946e7SWyllys Ingersoll *exponent1 = e1_attr; 1253*47e946e7SWyllys Ingersoll *exponent2 = e2_attr; 1254*47e946e7SWyllys Ingersoll *coeff = coeff_attr; 1255*47e946e7SWyllys Ingersoll 1256*47e946e7SWyllys Ingersoll return (CKR_OK); 1257*47e946e7SWyllys Ingersoll 1258*47e946e7SWyllys Ingersoll cleanup: 1259*47e946e7SWyllys Ingersoll if (n_attr) free(n_attr); 1260*47e946e7SWyllys Ingersoll if (e_attr) free(e_attr); 1261*47e946e7SWyllys Ingersoll if (d_attr) free(d_attr); 1262*47e946e7SWyllys Ingersoll if (p_attr) free(p_attr); 1263*47e946e7SWyllys Ingersoll if (q_attr) free(q_attr); 1264*47e946e7SWyllys Ingersoll if (e1_attr) free(e1_attr); 1265*47e946e7SWyllys Ingersoll if (e2_attr) free(e2_attr); 1266*47e946e7SWyllys Ingersoll if (coeff_attr) free(coeff_attr); 1267*47e946e7SWyllys Ingersoll 1268*47e946e7SWyllys Ingersoll return (rc); 1269*47e946e7SWyllys Ingersoll } 1270