* modified. If any other error occurs, the object cursor will be
* invalidated.
*/
-int asn1_start ( struct asn1_cursor *cursor, unsigned int type, size_t extra ) {
+static int asn1_start ( struct asn1_cursor *cursor, unsigned int type,
+ size_t extra ) {
unsigned int len_len;
unsigned int len;
}
/**
- * Enter ASN.1 object
+ * Enter ASN.1 partial object
*
* @v cursor ASN.1 object cursor
* @v type Expected type, or ASN1_ANY
+ * @v extra Additional length beyond partial object
* @ret rc Return status code
*
- * The object cursor will be updated to point to the body of the
- * current ASN.1 object.
+ * The object cursor and additional length will be updated to point to
+ * the body of the current ASN.1 object.
*
* If any error occurs, the object cursor will be invalidated.
*/
-int asn1_enter ( struct asn1_cursor *cursor, unsigned int type ) {
+int asn1_enter_partial ( struct asn1_cursor *cursor, unsigned int type,
+ size_t *extra ) {
int len;
- len = asn1_start ( cursor, type, 0 );
+ /* Parse current object */
+ len = asn1_start ( cursor, type, *extra );
if ( len < 0 ) {
asn1_invalidate_cursor ( cursor );
return len;
}
- cursor->len = len;
+ /* Update cursor and additional length */
+ if ( ( ( size_t ) len ) <= cursor->len )
+ cursor->len = len;
+ assert ( ( len - cursor->len ) <= *extra );
+ *extra = ( len - cursor->len );
+
DBGC ( cursor, "ASN1 %p entered object type %02x (len %x)\n",
cursor, type, len );
-
return 0;
}
+/**
+ * Enter ASN.1 object
+ *
+ * @v cursor ASN.1 object cursor
+ * @v type Expected type, or ASN1_ANY
+ * @ret rc Return status code
+ *
+ * The object cursor will be updated to point to the body of the
+ * current ASN.1 object.
+ *
+ * If any error occurs, the object cursor will be invalidated.
+ */
+int asn1_enter ( struct asn1_cursor *cursor, unsigned int type ) {
+ static size_t no_extra = 0;
+
+ return asn1_enter_partial ( cursor, type, &no_extra );
+}
+
/**
* Skip ASN.1 object if present
*
int asn1_skip_if_exists ( struct asn1_cursor *cursor, unsigned int type ) {
int len;
+ /* Parse current object */
len = asn1_start ( cursor, type, 0 );
if ( len < 0 )
return len;
+ /* Update cursor */
cursor->data += len;
cursor->len -= len;
+
DBGC ( cursor, "ASN1 %p skipped object type %02x (len %x)\n",
cursor, type, len );
-
return 0;
}
struct asn1_cursor cursor;
uint8_t buf[8];
size_t extra;
- size_t total;
- int len;
int rc;
/* Sanity check: no realistic DER image can be smaller than this */
copy_from_user ( buf, image->data, 0, sizeof ( buf ) );
extra = ( image->len - sizeof ( buf ) );
- /* Get length of ASN.1 sequence */
- len = asn1_start ( &cursor, ASN1_SEQUENCE, extra );
- if ( len < 0 ) {
- rc = len;
+ /* Check that image begins with an ASN.1 sequence object */
+ if ( ( rc = asn1_enter_partial ( &cursor, ASN1_SEQUENCE,
+ &extra ) ) != 0 ) {
DBGC ( image, "DER %s is not valid ASN.1: %s\n",
image->name, strerror ( rc ) );
return rc;
}
- /* Add length of tag and length bytes consumed by asn1_start() */
- total = ( len + ( cursor.data - ( ( void * ) buf ) ) );
- assert ( total <= image->len );
-
/* Check that image comprises a single well-formed ASN.1 object */
- if ( total != image->len ) {
+ if ( extra != ( image->len - sizeof ( buf ) ) ) {
DBGC ( image, "DER %s is not single ASN.1\n", image->name );
return -ENOEXEC;
}
projects / thirdparty / ipxe.git / commitdiff
