8#include <botan/ber_dec.h>
9#include <botan/bigint.h>
10#include <botan/loadstor.h>
11#include <botan/internal/safeint.h>
22const size_t ALLOWED_EOC_NESTINGS = 16;
30 if(!ber->read_byte(b))
36 if((b & 0x1F) != 0x1F)
49 if(!ber->read_byte(b))
50 throw BER_Decoding_Error(
"Long-form tag truncated");
51 if(tag_buf & 0xFF000000)
52 throw BER_Decoding_Error(
"Long-form tag overflowed 32 bits");
54 tag_buf = (tag_buf << 7) | (b & 0x7F);
55 if((b & 0x80) == 0)
break;
64size_t find_eoc(DataSource* src,
size_t allow_indef);
69size_t decode_length(DataSource* ber,
size_t& field_size,
size_t allow_indef)
72 if(!ber->read_byte(b))
73 throw BER_Decoding_Error(
"Length field not found");
78 field_size += (b & 0x7F);
80 throw BER_Decoding_Error(
"Length field is too large");
86 throw BER_Decoding_Error(
"Nested EOC markers too deep, rejecting to avoid stack exhaustion");
90 return find_eoc(ber, allow_indef - 1);
96 for(
size_t i = 0; i != field_size - 1; ++i)
99 throw BER_Decoding_Error(
"Field length overflow");
100 if(!ber->read_byte(b))
101 throw BER_Decoding_Error(
"Corrupted length field");
102 length = (length << 8) | b;
110size_t find_eoc(DataSource* ber,
size_t allow_indef)
112 secure_vector<uint8_t> buffer(BOTAN_DEFAULT_BUFFER_SIZE), data;
116 const size_t got = ber->peek(buffer.data(), buffer.size(), data.size());
120 data += std::make_pair(buffer.data(), got);
123 DataSource_Memory source(data);
130 size_t tag_size = decode_tag(&source, type_tag, class_tag);
134 size_t length_size = 0;
135 size_t item_size = decode_length(&source, length_size, allow_indef);
136 source.discard_next(item_size);
148class DataSource_BERObject
final :
public DataSource
151 size_t read(uint8_t out[],
size_t length)
override
154 const size_t got = std::min<size_t>(m_obj.length() - m_offset, length);
155 copy_mem(out, m_obj.bits() + m_offset, got);
160 size_t peek(uint8_t out[],
size_t length,
size_t peek_offset)
const override
163 const size_t bytes_left = m_obj.length() - m_offset;
165 if(peek_offset >= bytes_left)
168 const size_t got = std::min(bytes_left - peek_offset, length);
169 copy_mem(out, m_obj.bits() + peek_offset, got);
173 bool check_available(
size_t n)
override
176 return (n <= (m_obj.length() - m_offset));
179 bool end_of_data()
const override
181 return get_bytes_read() == m_obj.length();
184 size_t get_bytes_read()
const override {
return m_offset; }
186 explicit DataSource_BERObject(BER_Object&& obj) : m_obj(
std::move(obj)), m_offset(0) {}
210 return verify_end(
"BER_Decoder::verify_end called, but data remains");
243 std::swap(next, m_pushed);
250 decode_tag(m_source, type_tag, class_tag);
251 next.set_tagging(type_tag, class_tag);
252 if(next.
is_set() ==
false)
256 const size_t length = decode_length(m_source, field_size, ALLOWED_EOC_NESTINGS);
260 uint8_t* out = next.mutable_bits(length);
261 if(m_source->
read(out, length) != length)
279 throw Invalid_State(
"BER_Decoder: Only one push back is allowed");
286 throw Invalid_State(
"BER_Decoder: Only one push back is allowed");
287 m_pushed = std::move(obj);
303 throw Invalid_State(
"BER_Decoder::end_cons called with null parent");
305 throw Decoding_Error(
"BER_Decoder::end_cons called with data left");
311 m_data_src.reset(
new DataSource_BERObject(std::move(obj)));
312 m_source = m_data_src.get();
330 m_source = m_data_src.get();
339 m_source = m_data_src.get();
348 m_source = m_data_src.get();
356 m_source = other.m_source;
359 std::swap(m_data_src, other.m_data_src);
360 m_parent = other.m_parent;
405 out = (obj.
bits()[0]) ?
true :
false;
417 decode(integer, type_tag, class_tag);
422 if(integer.
bits() > 32)
426 for(
size_t i = 0; i != 4; ++i)
427 out = (out << 8) | integer.
byte_at(3-i);
443 decode(integer, type_tag, class_tag);
445 if(integer.
bits() > 8*T_bytes)
449 for(
size_t i = 0; i != 8; ++i)
450 out = (out << 8) | integer.
byte_at(7-i);
471 const bool negative = (obj.
bits()[0] & 0x80) ?
true :
false;
476 for(
size_t i = obj.
length(); i > 0; --i)
479 for(
size_t i = 0; i != obj.
length(); ++i)
481 out =
BigInt(vec.data(), vec.size());
495template<
typename Alloc>
496void asn1_decode_binary_string(std::vector<uint8_t, Alloc>& buffer,
511 throw BER_Decoding_Error(
"Invalid BIT STRING");
512 if(obj.
bits()[0] >= 8)
513 throw BER_Decoding_Error(
"Bad number of unused bits in BIT STRING");
515 buffer.resize(obj.
length() - 1);
532 throw BER_Bad_Tag(
"Bad tag for {BIT,OCTET} STRING", real_type);
534 asn1_decode_binary_string(buffer,
get_next_object(), real_type, type_tag, class_tag);
543 throw BER_Bad_Tag(
"Bad tag for {BIT,OCTET} STRING", real_type);
545 asn1_decode_binary_string(buffer,
get_next_object(), real_type, type_tag, class_tag);
#define BOTAN_ASSERT_NOMSG(expr)
virtual void decode_from(BER_Decoder &from)=0
BER_Decoder start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
BER_Decoder(const uint8_t buf[], size_t len)
void push_back(const BER_Object &obj)
BER_Object get_next_object()
BER_Decoder & decode(bool &out)
uint64_t decode_constrained_integer(ASN1_Tag type_tag, ASN1_Tag class_tag, size_t T_bytes)
BER_Decoder & verify_end()
BER_Decoder & discard_remaining()
BER_Decoder & decode_octet_string_bigint(BigInt &b)
BER_Decoder & decode_null()
const uint8_t * bits() const
void assert_is_a(ASN1_Tag type_tag, ASN1_Tag class_tag, const std::string &descr="object") const
static BigInt decode(const uint8_t buf[], size_t length)
uint8_t byte_at(size_t n) const
size_t read_byte(uint8_t &out)
virtual size_t read(uint8_t out[], size_t length) BOTAN_WARN_UNUSED_RESULT=0
virtual bool check_available(size_t n)=0
virtual bool end_of_data() const =0
int(* final)(unsigned char *, CTX *)
void copy_mem(T *out, const T *in, size_t n)
constexpr uint8_t get_byte(size_t byte_num, T input)
std::vector< T, secure_allocator< T > > secure_vector
#define BOTAN_CHECKED_ADD(x, y)