[people/ms/strongswan.git] / Source / charon / asn1 / der_decoder.c

/**
 * @file der_decoder.c
 *
 * @brief Implementation of der_decoder_t.
 */

/*
 * Copyright (C) 2000-2004 Andreas Steffen
 * Copyright (C) 2006 Martin Willi
 * Hochschule fuer Technik Rapperswil
 *
 * Some parts taken over from pluto/asn1.c
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include <gmp.h>

#include "der_decoder.h"

#include <utils/allocator.h>
#include <daemon.h>


typedef struct private_der_decoder_t private_der_decoder_t;

/**
 * Private data of a der_decoder_t object.
 */
struct private_der_decoder_t {
	/**
	 * Public interface for this signer.
	 */
	der_decoder_t public;
	
	/**
	 * Rule which was just processed
	 */
	asn1_rule_t *rule;
	
	/**
	 * First rule of the hole ruleset
	 */
	asn1_rule_t *first_rule;
	
	/**
	 * Output data struct
	 */
	void *output;
	
	/**
	 * Complex things like this need a logger ;-)
	 */
	logger_t *logger;
};

status_t read_hdr(private_der_decoder_t *this, chunk_t *data);

/**
 * Read a sequence from data, parse its contents recursivly
 */
status_t read_sequence(private_der_decoder_t *this, chunk_t data)
{
	status_t status;
	asn1_rule_t *next_rule;
	
	while(TRUE)
	{
		next_rule = this->rule + 1;
		if (next_rule->type == ASN1_END)
		{
			this->rule++;
			break;
		}
		status = read_hdr(this, &data);
		if (status != SUCCESS)
		{
			return status;
		}
	}
	
	this->logger->log(this->logger, CONTROL|LEVEL2, "Sequence end");
	return SUCCESS;
}

/**
 * Read choice of data, parse if one of the choosable types arise
 */
status_t read_choice(private_der_decoder_t *this, chunk_t *data)
{
	status_t status = PARSE_ERROR;
	asn1_rule_t *next_rule;
	bool found = FALSE;
	
	this->logger->log_chunk(this->logger, CONTROL|LEVEL2, "Choice data", *data);
	
	while(TRUE)
	{
		next_rule = this->rule + 1;
		if (next_rule->type == ASN1_END)
		{
			this->rule++;
			return status;
		}
		if (!found && *(data->ptr) == next_rule->type)
		{
			found = TRUE;
			status = read_hdr(this, data);
		}
		else
		{
			this->rule++;
		}
	}
	this->logger->log(this->logger, CONTROL|LEVEL2, "Choice end");
	return status;
}

/**
 * Read a utc or generalized time
 */
status_t read_time(private_der_decoder_t *this, chunk_t data)
{
	struct tm t;
	time_t tz_offset;
	u_char *eot = NULL;
	const char* format;
	time_t *result = (time_t*)((u_int8_t*)this->output + this->rule->data_offset);
	
	/* TODO: Test it */
	this->logger->log_chunk(this->logger, CONTROL|LEVEL2, "TIME", data);
	
	if ((eot = memchr(data.ptr, 'Z', data.len)) != NULL)
	{
		/* Zulu time with a zero time zone offset */
		tz_offset = 0;
	}
	else if ((eot = memchr(data.ptr, '+', data.len)) != NULL)
	{
		int tz_hour, tz_min;
		
		sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min);
		/* positive time zone offset */
		tz_offset = 3600*tz_hour + 60*tz_min;
	}
	else if ((eot = memchr(data.ptr, '-', data.len)) != NULL)
	{
		int tz_hour, tz_min;
		
		sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min);
		/* negative time zone offset */
		tz_offset = -3600*tz_hour - 60*tz_min;
	}
	else
	{
		/* error in time format */
		return PARSE_ERROR; 
	}

	if (this->rule->type == ASN1_UTCTIME)
	{
		format = "%2d%2d%2d%2d%2d";
	}
	else
	{
		format = "%4d%2d%2d%2d%2d";
	}
	
	sscanf(data.ptr, format, &t.tm_year, &t.tm_mon, &t.tm_mday, &t.tm_hour, &t.tm_min);
	
	/* is there a seconds field? */
	if ((eot - data.ptr) == ((this->rule->type == ASN1_UTCTIME)?12:14))
	{
		sscanf(eot-2, "%2d", &t.tm_sec);
	}
	else
	{
		t.tm_sec = 0;
	}

	/* representation of year */
	if (t.tm_year >= 1900)
	{
		t.tm_year -= 1900;
	}
	else if (t.tm_year >= 100)
	{
		return PARSE_ERROR;
	}
	else if (t.tm_year < 50)
	{
		t.tm_year += 100;
	}

	/* representation of month 0..11*/
	t.tm_mon--;

	/* set daylight saving time to off */
	t.tm_isdst = 0;

	/* compensate timezone */

	*result = mktime(&t) - timezone - tz_offset;
	return SUCCESS;
}

/**
 * Read an integer as u_int or as mpz_t
 */
status_t read_int(private_der_decoder_t *this, chunk_t data)
{
	this->logger->log_chunk(this->logger, CONTROL|LEVEL2, "ASN1_INTEGER", data);
	
	if (this->rule->flags & ASN1_MPZ)
	{
		mpz_t *mpz = (mpz_t*)((u_int8_t*)this->output + this->rule->data_offset);
		mpz_import(*mpz, data.len, 1, 1, 1, 0, data.ptr);
	}
	else
	{	
		u_int *integ = (u_int*)((u_int8_t*)this->output + this->rule->data_offset);
		
		*integ = 0;
		while (data.len-- > 0)
		{
			*integ = 256 * (*integ) + *data.ptr++;
		}
	}
	return SUCCESS;
}

/**
 * Read boolean value 
 */
status_t read_bool(private_der_decoder_t *this, chunk_t data)
{
	this->logger->log_chunk(this->logger, CONTROL|LEVEL2, "ASN1_BOOLEAN", data);

	bool *boolean = (u_int*)((u_int8_t*)this->output + this->rule->data_offset);
	
	*boolean = *data.ptr;
	
	return SUCCESS;
}

/**
 * Read an OID
 */
status_t read_oid(private_der_decoder_t *this, chunk_t data)
{
	this->logger->log_chunk(this->logger, CONTROL|LEVEL2, "ASN1_OID", data);
	/* TODO: OID parsing stuff */
	return SUCCESS;
}

/**
 * Read a bitstring
 */
status_t read_bitstring(private_der_decoder_t *this, chunk_t data)
{
	/* TODO: cleanly determine amount of unused bits */
	
	/* skip "unused-bits-in-following-byte"-byte */
	data.ptr += 1;
	data.len -= 1;
	
	chunk_t *chunk = (chunk_t*)((u_int8_t*)this->output + this->rule->data_offset);
	
	*chunk = allocator_clone_chunk(data);
	
	this->logger->log_chunk(this->logger, CONTROL|LEVEL2, "ASN1_BITSTRING", data);
	return SUCCESS;
}

/**
 * Read any type which appears in a chunk
 */
status_t read_any(private_der_decoder_t *this, chunk_t data)
{	
	chunk_t *chunk = (chunk_t*)((u_int8_t*)this->output + this->rule->data_offset);
	
	*chunk = allocator_clone_chunk(data);
	
	this->logger->log_chunk(this->logger, CONTROL|LEVEL2, "ASN1_ANY", data);
	return SUCCESS;
}

/**
 * Read the length field of a type
 */
u_int32_t read_length(chunk_t *data)
{
	u_int8_t n;
	size_t len;
	
	/* read first octet of length field */
	n = *data->ptr;
	data->ptr++; data->len--;

	if ((n & 0x80) == 0) 
	{
		/* single length octet */
		return n;
	}
	
	/* composite length, determine number of length octets */
	n &= 0x7f;
	
	if (n > data->len)
	{
		/* length longer than available bytes */
		return -1;
	}
	
	if (n > sizeof(len))
	{
		/* larger than size_t can hold */
		return -1;
	}
	
	len = 0;
	while (n-- > 0)
	{
		len = 256 * len + *data->ptr;
		data->ptr++; data->len--;
	}
	return len;
}

/**
 * Read the next field
 */
status_t read_hdr(private_der_decoder_t *this, chunk_t *data)
{
	chunk_t inner;
	/* TODO: Redo this that an average mid-european can understand it */
	
beginning:
	/* advance to the next rule */
	this->rule++;
	
	this->logger->log(this->logger, CONTROL|LEVEL2, "reading rule %d %s",
						this->rule - this->first_rule,
						mapping_find(asn1_type_m, this->rule->type));
	
	switch (this->rule->type)
	{
		case ASN1_END:
			/* ignore, handled outside */
			return SUCCESS;
		case ASN1_CHOICE:
			/* CHOICE has no type/length */
			break;
		default:
			/* anything else has type/length */
			if (data->len == 0)
			{
				goto beginning;
			}
			this->logger->log_chunk(this->logger, CONTROL|LEVEL3, "reading from:", *data);
			
			/* read type, advance in data */
			if (this->rule->type != ASN1_ANY && *(data->ptr) != this->rule->type)
			{
				if (this->rule->flags & ASN1_OPTIONAL)
				{
					goto beginning;
				}
				if (this->rule->flags & ASN1_DEFAULT)
				{
					goto beginning;
				}
				this->logger->log(this->logger, CONTROL|LEVEL2, "Bad byte found: %x, %x expected", 
								*data->ptr, this->rule->type);
				return PARSE_ERROR;
			}
			data->ptr++;
			data->len--;
			
			/* read length, advance in data */
			inner.len = read_length(data);
			if (inner.len == -1)
			{
				this->logger->log(this->logger, CONTROL|LEVEL2, "Error reading length");
				return PARSE_ERROR;
			}
			this->logger->log(this->logger, CONTROL|LEVEL2, "Length is %d", inner.len);
			inner.ptr = data->ptr;
			
			/* advance in data, at the size of the inner */
			data->ptr += inner.len;
			data->len -= inner.len;
	}
	
	/* process inner */
	while (TRUE)
	{
		switch (this->rule->type)
		{
			case ASN1_INTEGER:
				return read_int(this, inner);
			case ASN1_BOOLEAN:
				return read_bool(this, inner);
			case ASN1_SEQUENCE:
			case ASN1_SET:
				return read_sequence(this, inner);
			case ASN1_TAG_E_0:
			case ASN1_TAG_E_1:
			case ASN1_TAG_E_2:
			case ASN1_TAG_E_3:
			case ASN1_TAG_E_4:
			case ASN1_TAG_E_5:
			case ASN1_TAG_E_6:
			case ASN1_TAG_E_7:
				return read_hdr(this, &inner);
			case ASN1_TAG_I_0:
			case ASN1_TAG_I_1:
			case ASN1_TAG_I_2:
			case ASN1_TAG_I_3:
			case ASN1_TAG_I_4:
			case ASN1_TAG_I_5:
			case ASN1_TAG_I_6:
			case ASN1_TAG_I_7:
				this->rule++;
				continue;
			case ASN1_OID:
				return read_oid(this, inner);
			case ASN1_CHOICE:
				return read_choice(this, data);
			case ASN1_NULL:
				return SUCCESS;
			case ASN1_ANY:
				return read_any(this, inner);
			case ASN1_UTCTIME:
				return read_time(this, inner);
			case  ASN1_GENERALIZEDTIME:
				return read_time(this, inner);
			case ASN1_BITSTRING:
				return read_bitstring(this, inner);
			case ASN1_OCTETSTRING:
				return read_any(this, inner);
			default:
				return NOT_SUPPORTED;
		}
	}
}

/**
 * Implements der_decoder_t.decode
 */
status_t decode(private_der_decoder_t *this, chunk_t input, void *output)
{
	this->rule = this->first_rule - 1;
	this->output = output;
	/* start parsing recursivly */
	return read_hdr(this, &input);
}

/**
 * Implementation of der_decoder.destroy.
 */
static void destroy(private_der_decoder_t *this)
{
	allocator_free(this);
}

/*
 * Described in header.
 */
der_decoder_t *der_decoder_create(asn1_rule_t *rules)
{
	private_der_decoder_t *this = allocator_alloc_thing(private_der_decoder_t);
	
	/* public functions */
	this->public.decode = (status_t (*) (der_decoder_t*,chunk_t,void*))decode;
	this->public.destroy = (void (*) (der_decoder_t*))destroy;
	
	this->first_rule = rules;
	this->logger = charon->logger_manager->get_logger(charon->logger_manager, DER_DECODER);
	
	return &(this->public);
}
Commit	Line	Data
9c781c15 MW	1	/**
	2	* @file der_decoder.c
	3	*
	4	* @brief Implementation of der_decoder_t.
	5	*/
	6
	7	/*
efadbf79 MW	8	* Copyright (C) 2000-2004 Andreas Steffen
efadbf79 MW	9	* Copyright (C) 2006 Martin Willi
9c781c15 MW	10	* Hochschule fuer Technik Rapperswil
9c781c15 MW	11	*
efadbf79 MW	12	* Some parts taken over from pluto/asn1.c
efadbf79 MW	13	*
9c781c15 MW	14	* This program is free software; you can redistribute it and/or modify it
	15	* under the terms of the GNU General Public License as published by the
	16	* Free Software Foundation; either version 2 of the License, or (at your
	17	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	18	*
	19	* This program is distributed in the hope that it will be useful, but
	20	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	21	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	22	* for more details.
	23	*/
	24
	25	#include <gmp.h>
	26
	27	#include "der_decoder.h"
	28
	29	#include <utils/allocator.h>
	30	#include <daemon.h>
	31
	32
	33
	34	typedef struct private_der_decoder_t private_der_decoder_t;
	35
	36	/**
	37	* Private data of a der_decoder_t object.
	38	*/
	39	struct private_der_decoder_t {
	40	/**
	41	* Public interface for this signer.
	42	*/
	43	der_decoder_t public;
	44
efadbf79 MW	45	/**
	46	* Rule which was just processed
	47	*/
9c781c15 MW	48	asn1_rule_t *rule;
9c781c15 MW	49
efadbf79 MW	50	/**
	51	* First rule of the hole ruleset
	52	*/
9c781c15 MW	53	asn1_rule_t *first_rule;
9c781c15 MW	54
efadbf79 MW	55	/**
	56	* Output data struct
	57	*/
9c781c15 MW	58	void *output;
9c781c15 MW	59
efadbf79 MW	60	/**
	61	* Complex things like this need a logger ;-)
	62	*/
9c781c15 MW	63	logger_t *logger;
	64	};
	65
	66	status_t read_hdr(private_der_decoder_t this, chunk_t data);
	67
efadbf79 MW	68	/**
	69	* Read a sequence from data, parse its contents recursivly
	70	*/
9c781c15 MW	71	status_t read_sequence(private_der_decoder_t *this, chunk_t data)
9c781c15 MW	72	{
efadbf79 MW	73	status_t status;
	74	asn1_rule_t *next_rule;
	75
	76	while(TRUE)
9c781c15	77	{
efadbf79 MW	78	next_rule = this->rule + 1;
	79	if (next_rule->type == ASN1_END)
	80	{
	81	this->rule++;
	82	break;
	83	}
	84	status = read_hdr(this, &data);
	85	if (status != SUCCESS)
	86	{
	87	return status;
	88	}
9c781c15	89	}
efadbf79 MW	90
efadbf79 MW	91	this->logger->log(this->logger, CONTROL\|LEVEL2, "Sequence end");
9c781c15 MW	92	return SUCCESS;
	93	}
	94
efadbf79 MW	95	/**
	96	* Read choice of data, parse if one of the choosable types arise
	97	*/
	98	status_t read_choice(private_der_decoder_t this, chunk_t data)
	99	{
	100	status_t status = PARSE_ERROR;
	101	asn1_rule_t *next_rule;
	102	bool found = FALSE;
	103
	104	this->logger->log_chunk(this->logger, CONTROL\|LEVEL2, "Choice data", *data);
	105
	106	while(TRUE)
	107	{
	108	next_rule = this->rule + 1;
	109	if (next_rule->type == ASN1_END)
	110	{
	111	this->rule++;
	112	return status;
	113	}
	114	if (!found && *(data->ptr) == next_rule->type)
	115	{
	116	found = TRUE;
	117	status = read_hdr(this, data);
	118	}
	119	else
	120	{
	121	this->rule++;
	122	}
	123	}
	124	this->logger->log(this->logger, CONTROL\|LEVEL2, "Choice end");
	125	return status;
	126	}
9c781c15	127
efadbf79 MW	128	/**
	129	* Read a utc or generalized time
	130	*/
	131	status_t read_time(private_der_decoder_t *this, chunk_t data)
	132	{
	133	struct tm t;
	134	time_t tz_offset;
	135	u_char *eot = NULL;
	136	const char* format;
	137	time_t result = (time_t)((u_int8_t*)this->output + this->rule->data_offset);
	138
	139	/* TODO: Test it */
	140	this->logger->log_chunk(this->logger, CONTROL\|LEVEL2, "TIME", data);
	141
	142	if ((eot = memchr(data.ptr, 'Z', data.len)) != NULL)
	143	{
	144	/* Zulu time with a zero time zone offset */
	145	tz_offset = 0;
	146	}
	147	else if ((eot = memchr(data.ptr, '+', data.len)) != NULL)
	148	{
	149	int tz_hour, tz_min;
	150
	151	sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min);
	152	/* positive time zone offset */
	153	tz_offset = 3600tz_hour + 60tz_min;
	154	}
	155	else if ((eot = memchr(data.ptr, '-', data.len)) != NULL)
	156	{
	157	int tz_hour, tz_min;
	158
	159	sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min);
	160	/* negative time zone offset */
	161	tz_offset = -3600tz_hour - 60tz_min;
	162	}
	163	else
	164	{
	165	/* error in time format */
	166	return PARSE_ERROR;
	167	}
	168
	169	if (this->rule->type == ASN1_UTCTIME)
	170	{
	171	format = "%2d%2d%2d%2d%2d";
	172	}
	173	else
	174	{
	175	format = "%4d%2d%2d%2d%2d";
	176	}
	177
	178	sscanf(data.ptr, format, &t.tm_year, &t.tm_mon, &t.tm_mday, &t.tm_hour, &t.tm_min);
	179
	180	/* is there a seconds field? */
	181	if ((eot - data.ptr) == ((this->rule->type == ASN1_UTCTIME)?12:14))
	182	{
	183	sscanf(eot-2, "%2d", &t.tm_sec);
	184	}
	185	else
	186	{
	187	t.tm_sec = 0;
	188	}
	189
	190	/* representation of year */
	191	if (t.tm_year >= 1900)
192	{
193	t.tm_year -= 1900;
194	}
195	else if (t.tm_year >= 100)
196	{
197	return PARSE_ERROR;
198	}
199	else if (t.tm_year < 50)
200	{
201	t.tm_year += 100;
202	}
203
204	/* representation of month 0..11*/
205	t.tm_mon--;
206
207	/* set daylight saving time to off */
208	t.tm_isdst = 0;
209
210	/* compensate timezone */
211
212	*result = mktime(&t) - timezone - tz_offset;
213	return SUCCESS;
214	}
215
216	/**
217	* Read an integer as u_int or as mpz_t
218	*/
9c781c15 MW	219	status_t read_int(private_der_decoder_t *this, chunk_t data)
	220	{
	221	this->logger->log_chunk(this->logger, CONTROL\|LEVEL2, "ASN1_INTEGER", data);
9c781c15	222
efadbf79	223	if (this->rule->flags & ASN1_MPZ)
9c781c15	224	{
efadbf79 MW	225	mpz_t mpz = (mpz_t)((u_int8_t*)this->output + this->rule->data_offset);
	226	mpz_import(*mpz, data.len, 1, 1, 1, 0, data.ptr);
	227	}
	228	else
	229	{
	230	u_int integ = (u_int)((u_int8_t*)this->output + this->rule->data_offset);
	231
	232	*integ = 0;
	233	while (data.len-- > 0)
	234	{
	235	integ = 256 (integ) + data.ptr++;
	236	}
9c781c15 MW	237	}
	238	return SUCCESS;
	239	}
	240
efadbf79 MW	241	/**
	242	* Read boolean value
	243	*/
	244	status_t read_bool(private_der_decoder_t *this, chunk_t data)
9c781c15	245	{
efadbf79 MW	246	this->logger->log_chunk(this->logger, CONTROL\|LEVEL2, "ASN1_BOOLEAN", data);
	247
	248	bool boolean = (u_int)((u_int8_t*)this->output + this->rule->data_offset);
9c781c15	249
efadbf79 MW	250	boolean = data.ptr;
	251
	252	return SUCCESS;
	253	}
	254
	255	/**
	256	* Read an OID
	257	*/
	258	status_t read_oid(private_der_decoder_t *this, chunk_t data)
	259	{
	260	this->logger->log_chunk(this->logger, CONTROL\|LEVEL2, "ASN1_OID", data);
	261	/* TODO: OID parsing stuff */
9c781c15 MW	262	return SUCCESS;
	263	}
	264
efadbf79 MW	265	/**
	266	* Read a bitstring
	267	*/
	268	status_t read_bitstring(private_der_decoder_t *this, chunk_t data)
	269	{
	270	/* TODO: cleanly determine amount of unused bits */
	271
	272	/* skip "unused-bits-in-following-byte"-byte */
	273	data.ptr += 1;
	274	data.len -= 1;
	275
	276	chunk_t chunk = (chunk_t)((u_int8_t*)this->output + this->rule->data_offset);
	277
	278	*chunk = allocator_clone_chunk(data);
	279
	280	this->logger->log_chunk(this->logger, CONTROL\|LEVEL2, "ASN1_BITSTRING", data);
	281	return SUCCESS;
	282	}
	283
	284	/**
	285	* Read any type which appears in a chunk
	286	*/
	287	status_t read_any(private_der_decoder_t *this, chunk_t data)
	288	{
	289	chunk_t chunk = (chunk_t)((u_int8_t*)this->output + this->rule->data_offset);
	290
	291	*chunk = allocator_clone_chunk(data);
	292
	293	this->logger->log_chunk(this->logger, CONTROL\|LEVEL2, "ASN1_ANY", data);
	294	return SUCCESS;
	295	}
	296
	297	/**
	298	* Read the length field of a type
	299	*/
9c781c15 MW	300	u_int32_t read_length(chunk_t *data)
	301	{
	302	u_int8_t n;
	303	size_t len;
	304
	305	/* read first octet of length field */
efadbf79 MW	306	n = *data->ptr;
efadbf79 MW	307	data->ptr++; data->len--;
9c781c15 MW	308
	309	if ((n & 0x80) == 0)
	310	{
	311	/* single length octet */
	312	return n;
	313	}
	314
	315	/* composite length, determine number of length octets */
	316	n &= 0x7f;
	317
	318	if (n > data->len)
	319	{
	320	/* length longer than available bytes */
	321	return -1;
	322	}
	323
	324	if (n > sizeof(len))
	325	{
	326	/* larger than size_t can hold */
	327	return -1;
	328	}
	329
	330	len = 0;
	331	while (n-- > 0)
	332	{
efadbf79 MW	333	len = 256 * len + *data->ptr;
efadbf79 MW	334	data->ptr++; data->len--;
9c781c15 MW	335	}
	336	return len;
	337	}
	338
efadbf79 MW	339	/**
	340	* Read the next field
	341	*/
9c781c15 MW	342	status_t read_hdr(private_der_decoder_t this, chunk_t data)
	343	{
	344	chunk_t inner;
efadbf79	345	/* TODO: Redo this that an average mid-european can understand it */
9c781c15	346
efadbf79	347	beginning:
9c781c15 MW	348	/* advance to the next rule */
	349	this->rule++;
	350
efadbf79 MW	351	this->logger->log(this->logger, CONTROL\|LEVEL2, "reading rule %d %s",
	352	this->rule - this->first_rule,
	353	mapping_find(asn1_type_m, this->rule->type));
9c781c15	354
9c781c15 MW	355	switch (this->rule->type)
9c781c15 MW	356	{
efadbf79 MW	357	case ASN1_END:
	358	/* ignore, handled outside */
	359	return SUCCESS;
	360	case ASN1_CHOICE:
	361	/* CHOICE has no type/length */
	362	break;
	363	default:
	364	/* anything else has type/length */
	365	if (data->len == 0)
9c781c15	366	{
efadbf79	367	goto beginning;
9c781c15	368	}
efadbf79 MW	369	this->logger->log_chunk(this->logger, CONTROL\|LEVEL3, "reading from:", *data);
	370
	371	/* read type, advance in data */
	372	if (this->rule->type != ASN1_ANY && *(data->ptr) != this->rule->type)
9c781c15	373	{
efadbf79 MW	374	if (this->rule->flags & ASN1_OPTIONAL)
	375	{
	376	goto beginning;
	377	}
	378	if (this->rule->flags & ASN1_DEFAULT)
	379	{
	380	goto beginning;
	381	}
	382	this->logger->log(this->logger, CONTROL\|LEVEL2, "Bad byte found: %x, %x expected",
	383	*data->ptr, this->rule->type);
	384	return PARSE_ERROR;
9c781c15	385	}
efadbf79 MW	386	data->ptr++;
	387	data->len--;
	388
	389	/* read length, advance in data */
	390	inner.len = read_length(data);
	391	if (inner.len == -1)
	392	{
	393	this->logger->log(this->logger, CONTROL\|LEVEL2, "Error reading length");
	394	return PARSE_ERROR;
	395	}
	396	this->logger->log(this->logger, CONTROL\|LEVEL2, "Length is %d", inner.len);
	397	inner.ptr = data->ptr;
	398
	399	/* advance in data, at the size of the inner */
	400	data->ptr += inner.len;
	401	data->len -= inner.len;
9c781c15 MW	402	}
9c781c15 MW	403
efadbf79 MW	404	/* process inner */
	405	while (TRUE)
	406	{
	407	switch (this->rule->type)
	408	{
	409	case ASN1_INTEGER:
	410	return read_int(this, inner);
	411	case ASN1_BOOLEAN:
	412	return read_bool(this, inner);
	413	case ASN1_SEQUENCE:
	414	case ASN1_SET:
	415	return read_sequence(this, inner);
	416	case ASN1_TAG_E_0:
	417	case ASN1_TAG_E_1:
	418	case ASN1_TAG_E_2:
	419	case ASN1_TAG_E_3:
	420	case ASN1_TAG_E_4:
	421	case ASN1_TAG_E_5:
	422	case ASN1_TAG_E_6:
	423	case ASN1_TAG_E_7:
	424	return read_hdr(this, &inner);
	425	case ASN1_TAG_I_0:
	426	case ASN1_TAG_I_1:
	427	case ASN1_TAG_I_2:
	428	case ASN1_TAG_I_3:
	429	case ASN1_TAG_I_4:
	430	case ASN1_TAG_I_5:
	431	case ASN1_TAG_I_6:
	432	case ASN1_TAG_I_7:
	433	this->rule++;
	434	continue;
	435	case ASN1_OID:
	436	return read_oid(this, inner);
	437	case ASN1_CHOICE:
	438	return read_choice(this, data);
	439	case ASN1_NULL:
	440	return SUCCESS;
	441	case ASN1_ANY:
	442	return read_any(this, inner);
	443	case ASN1_UTCTIME:
	444	return read_time(this, inner);
	445	case ASN1_GENERALIZEDTIME:
	446	return read_time(this, inner);
	447	case ASN1_BITSTRING:
	448	return read_bitstring(this, inner);
	449	case ASN1_OCTETSTRING:
	450	return read_any(this, inner);
	451	default:
	452	return NOT_SUPPORTED;
	453	}
	454	}
9c781c15 MW	455	}
9c781c15 MW	456
efadbf79 MW	457	/**
	458	* Implements der_decoder_t.decode
	459	*/
9c781c15 MW	460	status_t decode(private_der_decoder_t this, chunk_t input, void output)
	461	{
	462	this->rule = this->first_rule - 1;
	463	this->output = output;
efadbf79	464	/* start parsing recursivly */
9c781c15 MW	465	return read_hdr(this, &input);
	466	}
	467
	468	/**
	469	* Implementation of der_decoder.destroy.
	470	*/
	471	static void destroy(private_der_decoder_t *this)
	472	{
	473	allocator_free(this);
	474	}
	475
	476	/*
	477	* Described in header.
	478	*/
	479	der_decoder_t der_decoder_create(asn1_rule_t rules)
	480	{
	481	private_der_decoder_t *this = allocator_alloc_thing(private_der_decoder_t);
	482
	483	/* public functions */
	484	this->public.decode = (status_t () (der_decoder_t,chunk_t,void*))decode;
	485	this->public.destroy = (void () (der_decoder_t))destroy;
	486
	487	this->first_rule = rules;
	488	this->logger = charon->logger_manager->get_logger(charon->logger_manager, DER_DECODER);
	489
	490	return &(this->public);
	491	}