VirtualBox

source: vbox/trunk/src/VBox/Runtime/common/crypto/x509-asn1-decoder.cpp@ 73603

Last change on this file since 73603 was 69111, checked in by vboxsync, 7 years ago

(C) year

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 9.5 KB
Line 
1/* $Id: x509-asn1-decoder.cpp 69111 2017-10-17 14:26:02Z vboxsync $ */
2/** @file
3 * IPRT - Crypto - X.509, Decoder for ASN.1.
4 */
5
6/*
7 * Copyright (C) 2006-2017 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include "internal/iprt.h"
32#include <iprt/crypto/x509.h>
33
34#include <iprt/err.h>
35#include <iprt/string.h>
36
37#include "x509-internal.h"
38
39
40/*
41 * One X.509 Extension.
42 */
43RTDECL(int) RTCrX509Extension_ExtnValue_DecodeAsn1(PRTASN1CURSOR pCursor, uint32_t fFlags,
44 PRTCRX509EXTENSION pThis, const char *pszErrorTag)
45{
46 RT_NOREF_PV(fFlags); RT_NOREF_PV(pszErrorTag);
47
48 pThis->enmValue = RTCRX509EXTENSIONVALUE_UNKNOWN;
49
50 /*
51 * Decode the encapsulated extension bytes if know the format.
52 */
53 RTASN1CURSOR ValueCursor;
54 int rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->ExtnValue.Asn1Core, &ValueCursor, "ExtnValue");
55 if (RT_FAILURE(rc))
56 return rc;
57 pCursor = &ValueCursor;
58
59 if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_AUTHORITY_KEY_IDENTIFIER_OID) == 0)
60 {
61 /* 4.2.1.1 Authority Key Identifier */
62 PRTCRX509AUTHORITYKEYIDENTIFIER pThat;
63 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
64 if (RT_SUCCESS(rc))
65 {
66 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
67 pThis->enmValue = RTCRX509EXTENSIONVALUE_AUTHORITY_KEY_IDENTIFIER;
68 rc = RTCrX509AuthorityKeyIdentifier_DecodeAsn1(&ValueCursor, 0, pThat, "AuthorityKeyIdentifier");
69 }
70 }
71 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_OLD_AUTHORITY_KEY_IDENTIFIER_OID) == 0)
72 {
73 /* Old and obsolete version of the above, still found in microsoft certificates. */
74 PRTCRX509OLDAUTHORITYKEYIDENTIFIER pThat;
75 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
76 if (RT_SUCCESS(rc))
77 {
78 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
79 pThis->enmValue = RTCRX509EXTENSIONVALUE_OLD_AUTHORITY_KEY_IDENTIFIER;
80 rc = RTCrX509OldAuthorityKeyIdentifier_DecodeAsn1(&ValueCursor, 0, pThat, "OldAuthorityKeyIdentifier");
81 }
82 }
83 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_SUBJECT_KEY_IDENTIFIER_OID) == 0)
84 {
85 /* 4.2.1.2 Subject Key Identifier */
86 PRTASN1OCTETSTRING pThat;
87 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
88 if (RT_SUCCESS(rc))
89 {
90 pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core;
91 pThis->enmValue = RTCRX509EXTENSIONVALUE_OCTET_STRING;
92 rc = RTAsn1CursorGetOctetString(&ValueCursor, 0, pThat, "SubjectKeyIdentifier");
93 }
94 }
95 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_KEY_USAGE_OID) == 0)
96 {
97 /* 4.2.1.3 Key Usage */
98 PRTASN1BITSTRING pThat;
99 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
100 if (RT_SUCCESS(rc))
101 {
102 pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core;
103 pThis->enmValue = RTCRX509EXTENSIONVALUE_BIT_STRING;
104 rc = RTAsn1CursorGetBitStringEx(&ValueCursor, 0, 9, pThat, "KeyUsage");
105 }
106 }
107 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_CERTIFICATE_POLICIES_OID) == 0)
108 {
109 /* 4.2.1.4 Certificate Policies */
110 PRTCRX509CERTIFICATEPOLICIES pThat;
111 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
112 if (RT_SUCCESS(rc))
113 {
114 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
115 pThis->enmValue = RTCRX509EXTENSIONVALUE_CERTIFICATE_POLICIES;
116 rc = RTCrX509CertificatePolicies_DecodeAsn1(&ValueCursor, 0, pThat, "CertPolicies");
117 }
118 }
119 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_POLICY_MAPPINGS_OID) == 0)
120 {
121 /* 4.2.1.5 Policy Mappings */
122 PRTCRX509POLICYMAPPINGS pThat;
123 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
124 if (RT_SUCCESS(rc))
125 {
126 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
127 pThis->enmValue = RTCRX509EXTENSIONVALUE_POLICY_MAPPINGS;
128 rc = RTCrX509PolicyMappings_DecodeAsn1(&ValueCursor, 0, pThat, "PolicyMapppings");
129 }
130 }
131 else if ( RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_SUBJECT_ALT_NAME_OID) == 0
132 || RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_ISSUER_ALT_NAME_OID) == 0)
133 {
134 /* 4.2.1.6 Subject Alternative Name / 4.2.1.7 Issuer Alternative Name */
135 PRTCRX509GENERALNAMES pThat;
136 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
137 if (RT_SUCCESS(rc))
138 {
139 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
140 pThis->enmValue = RTCRX509EXTENSIONVALUE_GENERAL_NAMES;
141 rc = RTCrX509GeneralNames_DecodeAsn1(&ValueCursor, 0, pThat, "AltName");
142 }
143 }
144 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_BASIC_CONSTRAINTS_OID) == 0)
145 {
146 /* 4.2.1.9 Basic Constraints */
147 PRTCRX509BASICCONSTRAINTS pThat;
148 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
149 if (RT_SUCCESS(rc))
150 {
151 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
152 pThis->enmValue = RTCRX509EXTENSIONVALUE_BASIC_CONSTRAINTS;
153 rc = RTCrX509BasicConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "BasicConstraints");
154 }
155 }
156 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_NAME_CONSTRAINTS_OID) == 0)
157 {
158 /* 4.2.1.10 Name Constraints */
159 PRTCRX509NAMECONSTRAINTS pThat;
160 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
161 if (RT_SUCCESS(rc))
162 {
163 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
164 pThis->enmValue = RTCRX509EXTENSIONVALUE_NAME_CONSTRAINTS;
165 rc = RTCrX509NameConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "NameConstraints");
166 }
167 }
168 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_POLICY_CONSTRAINTS_OID) == 0)
169 {
170 /* 4.2.1.11 Policy Constraints */
171 PRTCRX509POLICYCONSTRAINTS pThat;
172 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
173 if (RT_SUCCESS(rc))
174 {
175 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
176 pThis->enmValue = RTCRX509EXTENSIONVALUE_POLICY_CONSTRAINTS;
177 rc = RTCrX509PolicyConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "PolicyConstraints");
178 }
179 }
180 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_EXT_KEY_USAGE_OID) == 0)
181 {
182 /* 4.2.1.12 Extended Key Usage */
183 PRTASN1SEQOFOBJIDS pThat;
184 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
185 if (RT_SUCCESS(rc))
186 {
187 pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
188 pThis->enmValue = RTCRX509EXTENSIONVALUE_SEQ_OF_OBJ_IDS;
189 rc = RTAsn1SeqOfObjIds_DecodeAsn1(&ValueCursor, 0, pThat, "ExKeyUsage");
190 }
191 }
192 else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_EXT_KEY_USAGE_OID) == 0)
193 {
194 /* 4.2.1.14 Inhibit anyPolicy */
195 PRTASN1INTEGER pThat;
196 rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
197 if (RT_SUCCESS(rc))
198 {
199 pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core;
200 pThis->enmValue = RTCRX509EXTENSIONVALUE_INTEGER;
201 rc = RTAsn1CursorGetInteger(&ValueCursor, 0, pThat, "InhibitAnyPolicy");
202 }
203 }
204 else
205 return VINF_SUCCESS;
206
207 if (RT_SUCCESS(rc))
208 rc = RTAsn1CursorCheckEnd(&ValueCursor);
209
210 if (RT_SUCCESS(rc))
211 return VINF_SUCCESS;
212 return rc;
213}
214
215
216/*
217 * Generate the code.
218 */
219#include <iprt/asn1-generator-asn1-decoder.h>
220
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette