VirtualBox

source: vbox/trunk/src/VBox/Runtime/common/crypto/x509-asn1-decoder.cpp

Last change on this file was 98103, checked in by vboxsync, 16 months ago

Copyright year updates by scm.

1/* $Id: x509-asn1-decoder.cpp 98103 2023-01-17 14:15:46Z vboxsync $ */
2/** @file
3 * IPRT - Crypto - X.509, Decoder for ASN.1.
4 */
5
6/*
7 * Copyright (C) 2006-2023 Oracle and/or its affiliates.
8 *
9 * This file is part of VirtualBox base platform packages, as
10 * available from https://www.virtualbox.org.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation, in version 3 of the
15 * License.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, see <https://www.gnu.org/licenses>.
24 *
25 * The contents of this file may alternatively be used under the terms
26 * of the Common Development and Distribution License Version 1.0
27 * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
28 * in the VirtualBox distribution, in which case the provisions of the
29 * CDDL are applicable instead of those of the GPL.
30 *
31 * You may elect to license modified versions of this file under the
32 * terms and conditions of either the GPL or the CDDL or both.
33 *
34 * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
35 */
36
37
38/*********************************************************************************************************************************
39* Header Files *
40*********************************************************************************************************************************/
41#include "internal/iprt.h"
42#include <iprt/crypto/x509.h>
43
44#include <iprt/errcore.h>
45#include <iprt/string.h>
46
47#include "x509-internal.h"
48
49
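/**
 * Decodes the value of one X.509 extension.
 *
 * The bytes encapsulated in pThis->ExtnValue are decoded into a typed
 * structure when pThis->ExtnId matches one of the OIDs handled below.  The
 * section numbers in the branch comments follow RFC 5280.
 *
 * For a recognised OID the function allocates a zeroed structure through
 * pThis->ExtnValue.EncapsulatedAllocation, publishes it in
 * pThis->ExtnValue.pEncapsulated, sets pThis->enmValue to the matching
 * RTCRX509EXTENSIONVALUE_XXX value and then runs the type specific decoder.
 * For any other OID pThis->enmValue stays RTCRX509EXTENSIONVALUE_UNKNOWN and
 * nothing is allocated.
 *
 * @returns VINF_SUCCESS if the value was decoded or the OID is not handled
 *          here; otherwise the failure status of the sub-cursor setup, the
 *          allocation, the decoder or the end-of-data check.
 * @param   pCursor         The cursor the extension was read with; only used
 *                          as parent for the sub-cursor over ExtnValue.
 * @param   fFlags          Unused.
 * @param   pThis           The extension.  ExtnId and ExtnValue are read;
 *                          enmValue and ExtnValue.pEncapsulated are written.
 * @param   pszErrorTag     Unused.
 *
 * @note    enmValue and pEncapsulated are assigned before the type specific
 *          decoder runs and are not reset when it fails, so on a failure
 *          status they may describe a partially decoded structure.  Callers
 *          should look at the status code before using either field.
 */
RTDECL(int) RTCrX509Extension_ExtnValue_DecodeAsn1(PRTASN1CURSOR pCursor, uint32_t fFlags,
                                                   PRTCRX509EXTENSION pThis, const char *pszErrorTag)
{
    RT_NOREF_PV(fFlags); RT_NOREF_PV(pszErrorTag);

    pThis->enmValue = RTCRX509EXTENSIONVALUE_UNKNOWN;

    /*
     * Decode the encapsulated extension bytes if we know the format.
     */
    RTASN1CURSOR ValueCursor;
    int rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->ExtnValue.Asn1Core, &ValueCursor, "ExtnValue");
    if (RT_FAILURE(rc))
        return rc;
    pCursor = &ValueCursor; /* Everything below works on the sub-cursor only. */

    if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_AUTHORITY_KEY_IDENTIFIER_OID) == 0)
    {
        /* 4.2.1.1 Authority Key Identifier */
        PRTCRX509AUTHORITYKEYIDENTIFIER pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_AUTHORITY_KEY_IDENTIFIER;
            rc = RTCrX509AuthorityKeyIdentifier_DecodeAsn1(&ValueCursor, 0, pThat, "AuthorityKeyIdentifier");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_OLD_AUTHORITY_KEY_IDENTIFIER_OID) == 0)
    {
        /* Old and obsolete version of the above, still found in Microsoft certificates. */
        PRTCRX509OLDAUTHORITYKEYIDENTIFIER pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_OLD_AUTHORITY_KEY_IDENTIFIER;
            rc = RTCrX509OldAuthorityKeyIdentifier_DecodeAsn1(&ValueCursor, 0, pThat, "OldAuthorityKeyIdentifier");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_SUBJECT_KEY_IDENTIFIER_OID) == 0)
    {
        /* 4.2.1.2 Subject Key Identifier */
        PRTASN1OCTETSTRING pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_OCTET_STRING;
            rc = RTAsn1CursorGetOctetString(&ValueCursor, 0, pThat, "SubjectKeyIdentifier");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_KEY_USAGE_OID) == 0)
    {
        /* 4.2.1.3 Key Usage */
        PRTASN1BITSTRING pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_BIT_STRING;
            /* NOTE(review): the 9 is presumably the maximum bit count (KeyUsage
               defines bits 0 thru 8) - confirm against RTAsn1CursorGetBitStringEx. */
            rc = RTAsn1CursorGetBitStringEx(&ValueCursor, 0, 9, pThat, "KeyUsage");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_CERTIFICATE_POLICIES_OID) == 0)
    {
        /* 4.2.1.4 Certificate Policies */
        PRTCRX509CERTIFICATEPOLICIES pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_CERTIFICATE_POLICIES;
            rc = RTCrX509CertificatePolicies_DecodeAsn1(&ValueCursor, 0, pThat, "CertPolicies");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_POLICY_MAPPINGS_OID) == 0)
    {
        /* 4.2.1.5 Policy Mappings */
        PRTCRX509POLICYMAPPINGS pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_POLICY_MAPPINGS;
            rc = RTCrX509PolicyMappings_DecodeAsn1(&ValueCursor, 0, pThat, "PolicyMapppings");
        }
    }
    else if (   RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_SUBJECT_ALT_NAME_OID) == 0
             || RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_ISSUER_ALT_NAME_OID) == 0)
    {
        /* 4.2.1.6 Subject Alternative Name / 4.2.1.7 Issuer Alternative Name */
        PRTCRX509GENERALNAMES pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_GENERAL_NAMES;
            rc = RTCrX509GeneralNames_DecodeAsn1(&ValueCursor, 0, pThat, "AltName");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_BASIC_CONSTRAINTS_OID) == 0)
    {
        /* 4.2.1.9 Basic Constraints */
        PRTCRX509BASICCONSTRAINTS pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_BASIC_CONSTRAINTS;
            rc = RTCrX509BasicConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "BasicConstraints");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_NAME_CONSTRAINTS_OID) == 0)
    {
        /* 4.2.1.10 Name Constraints */
        PRTCRX509NAMECONSTRAINTS pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_NAME_CONSTRAINTS;
            rc = RTCrX509NameConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "NameConstraints");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_POLICY_CONSTRAINTS_OID) == 0)
    {
        /* 4.2.1.11 Policy Constraints */
        PRTCRX509POLICYCONSTRAINTS pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_POLICY_CONSTRAINTS;
            rc = RTCrX509PolicyConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "PolicyConstraints");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_EXT_KEY_USAGE_OID) == 0)
    {
        /* 4.2.1.12 Extended Key Usage */
        PRTASN1SEQOFOBJIDS pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_SEQ_OF_OBJ_IDS;
            rc = RTAsn1SeqOfObjIds_DecodeAsn1(&ValueCursor, 0, pThat, "ExKeyUsage");
        }
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_INHIBIT_ANY_POLICY_OID) == 0)
    {
        /* 4.2.1.14 Inhibit anyPolicy
           This branch has to test the inhibitAnyPolicy OID.  Testing the
           extended key usage OID here is shadowed by the branch above, which
           leaves the branch dead and the extension undecoded (enmValue stays
           UNKNOWN), so the constraint never reaches code consuming enmValue. */
        PRTASN1INTEGER pThat;
        rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat));
        if (RT_SUCCESS(rc))
        {
            pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core;
            pThis->enmValue = RTCRX509EXTENSIONVALUE_INTEGER;
            rc = RTAsn1CursorGetInteger(&ValueCursor, 0, pThat, "InhibitAnyPolicy");
        }
    }
    else
        return VINF_SUCCESS; /* Not handled here: enmValue stays UNKNOWN, nothing allocated. */

    /* A successfully decoded value must also pass the end check on the
       sub-cursor (presumably this rejects bytes left over after the value). */
    if (RT_SUCCESS(rc))
        rc = RTAsn1CursorCheckEnd(&ValueCursor);

    /* Any success status is reported as plain VINF_SUCCESS. */
    if (RT_SUCCESS(rc))
        return VINF_SUCCESS;
    return rc;
}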
224
225
226/*
227 * Generate the code.
228 */
229#include <iprt/asn1-generator-asn1-decoder.h>
230