1 /* encode.c - ber output encoding routines */
3 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 * Copyright 1998-2009 The OpenLDAP Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted only as authorized by the OpenLDAP
12 * A copy of this license is available in the file LICENSE in the
13 * top-level directory of the distribution or, alternatively, at
14 * <http://www.OpenLDAP.org/license.html>.
16 /* Portions Copyright (c) 1990 Regents of the University of Michigan.
17 * All rights reserved.
19 * Redistribution and use in source and binary forms are permitted
20 * provided that this notice is preserved and that due credit is given
21 * to the University of Michigan at Ann Arbor. The name of the University
22 * may not be used to endorse or promote products derived from this
23 * software without specific prior written permission. This software
24 * is provided ``as is'' without express or implied warranty.
27 * This work was originally developed by the University of Michigan
28 * (as part of U-MICH LDAP).
37 #include <ac/stdlib.h>
39 #include <ac/stdarg.h>
40 #include <ac/socket.h>
41 #include <ac/string.h>
46 #define OCTET_SIZE(type) ((ber_len_t) (sizeof(type)*CHAR_BIT + 7) / 8)
47 #define TAGBUF_SIZE OCTET_SIZE(ber_tag_t)
48 #define LENBUF_SIZE (1 + OCTET_SIZE(ber_len_t))
49 #define HEADER_SIZE (TAGBUF_SIZE + LENBUF_SIZE)
52 * BER element size constrains:
54 * - We traditionally support a length of max 0xffffffff. However
55 * some functions return an int length so that is their max.
56 * MAXINT_BERSIZE is the max for those functions.
58 * - MAXINT_BERSIZE must fit in MAXINT_BERSIZE_OCTETS octets.
60 * - sizeof(ber_elem_size_t) is normally MAXINT_BERSIZE_OCTETS:
61 * Big enough for MAXINT_BERSIZE, but not more. (Larger wastes
62 * space in the working encoding and DER encoding of a sequence
63 * or set. Smaller further limits sizes near a sequence/set.)
65 * ber_len_t is mostly unrelated to this. Which may be for the best,
66 * since it is also used for lengths of data that are never encoded.
68 #define MAXINT_BERSIZE \
69 (INT_MAX>0xffffffffUL ? (ber_len_t) 0xffffffffUL : INT_MAX-HEADER_SIZE)
70 #define MAXINT_BERSIZE_OCTETS 4
71 typedef ber_uint_t ber_elem_size_t; /* normally 32 bits */
74 /* Prepend tag to ptr, which points to the end of a tag buffer */
75 static unsigned char *
76 ber_prepend_tag( unsigned char *ptr, ber_tag_t tag )
79 *--ptr = (unsigned char) tag & 0xffU;
80 } while ( (tag >>= 8) != 0 );
85 /* Prepend ber length to ptr, which points to the end of a length buffer */
86 static unsigned char *
87 ber_prepend_len( unsigned char *ptr, ber_len_t len )
90 * short len if it's less than 128 - one byte giving the len,
92 * long len otherwise - one byte with bit 8 set, giving the
93 * length of the length, followed by the length itself.
96 *--ptr = (unsigned char) len & 0xffU;
99 unsigned char *endptr = ptr--;
101 while ( (len >>= 8) != 0 ) {
102 *ptr-- = (unsigned char) len & 0xffU;
104 *ptr = (unsigned char) (endptr - ptr) + 0x80U;
110 /* out->bv_len should be the buffer size on input */
112 ber_encode_oid( BerValue *in, BerValue *out )
115 unsigned long val1, val;
117 char *ptr, *end, *inend;
119 assert( in != NULL );
120 assert( out != NULL );
122 if ( !out->bv_val || out->bv_len < in->bv_len/2 )
125 der = (unsigned char *) out->bv_val;
127 inend = ptr + in->bv_len;
129 /* OIDs start with <0-1>.<0-39> or 2.<any>, DER-encoded 40*val1+val2 */
130 if ( !isdigit( (unsigned char) *ptr )) return -1;
131 val1 = strtoul( ptr, &end, 10 );
132 if ( end == ptr || val1 > 2 ) return -1;
133 if ( *end++ != '.' || !isdigit( (unsigned char) *end )) return -1;
134 val = strtoul( end, &ptr, 10 );
135 if ( ptr == end ) return -1;
136 if ( val > (val1 < 2 ? 39 : LBER_OID_COMPONENT_MAX - 80) ) return -1;
140 if ( ptr > inend ) return -1;
142 /* Write the OID component little-endian, then reverse it */
145 der[len++] = (val & 0xff) | 0x80;
146 } while ( (val >>= 7) != 0 );
148 for ( i = 0, j = len; i < --j; i++ ) {
149 unsigned char tmp = der[i];
157 if ( *ptr++ != '.' ) return -1;
158 if ( !isdigit( (unsigned char) *ptr )) return -1;
159 val = strtoul( ptr, &end, 10 );
160 if ( end == ptr || val > LBER_OID_COMPONENT_MAX ) return -1;
164 out->bv_len = (char *)der - out->bv_val;
175 unsigned char sign, data[TAGBUF_SIZE+1 + OCTET_SIZE(ber_int_t)], *ptr;
178 unum = num; /* Bit fiddling should be done with unsigned values */
183 for ( ptr = &data[sizeof(data) - 1] ;; unum >>= 8 ) {
184 *ptr-- = (sign ^ (unsigned char) unum) & 0xffU;
185 if ( unum < 0x80 ) /* top bit at *ptr is sign bit */
189 *ptr = (unsigned char) (&data[sizeof(data) - 1] - ptr); /* length */
190 ptr = ber_prepend_tag( ptr, tag );
192 return ber_write( ber, (char *) ptr, &data[sizeof(data)] - ptr, 0 );
201 if ( tag == LBER_DEFAULT ) {
202 tag = LBER_ENUMERATED;
205 return ber_put_int_or_enum( ber, num, tag );
214 if ( tag == LBER_DEFAULT ) {
218 return ber_put_int_or_enum( ber, num, tag );
224 LDAP_CONST char *str,
229 unsigned char header[HEADER_SIZE], *ptr;
231 if ( tag == LBER_DEFAULT ) {
232 tag = LBER_OCTETSTRING;
235 if ( len > MAXINT_BERSIZE ) {
239 ptr = ber_prepend_len( &header[sizeof(header)], len );
240 ptr = ber_prepend_tag( ptr, tag );
242 rc = ber_write( ber, (char *) ptr, &header[sizeof(header)] - ptr, 0 );
243 if ( rc >= 0 && ber_write( ber, str, len, 0 ) >= 0 ) {
244 /* length(tag + length + contents) */
257 if( bv == NULL || bv->bv_len == 0 ) {
258 return ber_put_ostring( ber, "", (ber_len_t) 0, tag );
261 return ber_put_ostring( ber, bv->bv_val, bv->bv_len, tag );
267 LDAP_CONST char *str,
270 assert( str != NULL );
272 return ber_put_ostring( ber, str, strlen( str ), tag );
278 LDAP_CONST char *str,
279 ber_len_t blen /* in bits */,
284 unsigned char unusedbits, header[HEADER_SIZE + 1], *ptr;
286 if ( tag == LBER_DEFAULT ) {
287 tag = LBER_BITSTRING;
290 unusedbits = (unsigned char) -blen & 7;
291 len = blen / 8 + (unusedbits != 0); /* (blen+7)/8 without overflow */
292 if ( len >= MAXINT_BERSIZE ) {
296 header[sizeof(header) - 1] = unusedbits;
297 ptr = ber_prepend_len( &header[sizeof(header) - 1], len + 1 );
298 ptr = ber_prepend_tag( ptr, tag );
300 rc = ber_write( ber, (char *) ptr, &header[sizeof(header)] - ptr, 0 );
301 if ( rc >= 0 && ber_write( ber, str, len, 0 ) >= 0 ) {
302 /* length(tag + length + unused bit count + bitstring) */
310 ber_put_null( BerElement *ber, ber_tag_t tag )
312 unsigned char data[TAGBUF_SIZE + 1], *ptr;
314 if ( tag == LBER_DEFAULT ) {
318 data[sizeof(data) - 1] = 0; /* length */
319 ptr = ber_prepend_tag( &data[sizeof(data) - 1], tag );
321 return ber_write( ber, (char *) ptr, &data[sizeof(data)] - ptr, 0 );
330 unsigned char data[TAGBUF_SIZE + 2], *ptr;
332 if ( tag == LBER_DEFAULT )
335 data[sizeof(data) - 1] = boolval ? 0xff : 0;
336 data[sizeof(data) - 2] = 1; /* length */
337 ptr = ber_prepend_tag( &data[sizeof(data) - 2], tag );
339 return ber_write( ber, (char *) ptr, &data[sizeof(data)] - ptr, 0 );
343 /* Max number of length octets in a sequence or set, normally 5 */
344 #define SOS_LENLEN (1 + (sizeof(ber_elem_size_t) > MAXINT_BERSIZE_OCTETS ? \
345 (ber_len_t) sizeof(ber_elem_size_t) : MAXINT_BERSIZE_OCTETS))
347 /* Header of incomplete sequence or set */
348 typedef struct seqorset_header {
349 char xtagbuf[TAGBUF_SIZE + 1]; /* room for tag + len(tag or len) */
351 ber_elem_size_t offset; /* enclosing seqence/set */
352 char padding[SOS_LENLEN-1]; /* for final length encoding */
354 # define SOS_TAG_END(header) ((unsigned char *) &(header).next_sos - 1)
357 /* Start a sequence or set */
364 * Write the tag and SOS_LENLEN octets reserved for length, to ber.
365 * For now, length octets = (tag length, previous ber_sos_inner).
367 * Update ber_sos_inner and the write-cursor ber_sos_ptr. ber_ptr
368 * will not move until the outermost sequence or set is complete.
371 Seqorset_header header;
372 unsigned char *headptr;
373 ber_len_t taglen, headlen;
376 assert( ber != NULL );
377 assert( LBER_VALID( ber ) );
379 if ( ber->ber_sos_ptr == NULL ) { /* outermost sequence/set? */
380 header.next_sos.offset = 0;
383 if ( (ber_len_t) -1 > (ber_elem_size_t) -1 ) {
384 if ( ber->ber_sos_inner > (ber_elem_size_t) -1 )
387 header.next_sos.offset = ber->ber_sos_inner;
388 p = &ber->ber_sos_ptr;
390 headptr = ber_prepend_tag( SOS_TAG_END(header), tag );
391 *SOS_TAG_END(header) = taglen = SOS_TAG_END(header) - headptr;
392 headlen = taglen + SOS_LENLEN;
394 /* As ber_write(,headptr,headlen,) except update ber_sos_ptr, not *p */
395 if ( headlen > (ber_len_t) (ber->ber_end - *p) ) {
396 if ( ber_realloc( ber, headlen ) != 0 )
400 AC_MEMCPY( dest, headptr, headlen );
401 ber->ber_sos_ptr = dest + headlen;
403 ber->ber_sos_inner = dest + taglen - ber->ber_buf;
406 * Do not return taglen + SOS_LENLEN here - then ber_put_seqorset()
407 * should return lenlen - SOS_LENLEN + len, which can be < 0.
413 ber_start_seq( BerElement *ber, ber_tag_t tag )
415 if ( tag == LBER_DEFAULT ) {
419 return ber_start_seqorset( ber, tag );
423 ber_start_set( BerElement *ber, ber_tag_t tag )
425 if ( tag == LBER_DEFAULT ) {
429 return ber_start_seqorset( ber, tag );
432 /* End a sequence or set */
434 ber_put_seqorset( BerElement *ber )
436 Seqorset_header header;
437 unsigned char *lenptr; /* length octets in the sequence/set */
438 ber_len_t len; /* length(contents) */
439 ber_len_t xlen; /* len + length(length) */
441 assert( ber != NULL );
442 assert( LBER_VALID( ber ) );
444 if ( ber->ber_sos_ptr == NULL ) return -1;
446 lenptr = (unsigned char *) ber->ber_buf + ber->ber_sos_inner;
447 xlen = ber->ber_sos_ptr - (char *) lenptr;
448 if ( xlen > MAXINT_BERSIZE + SOS_LENLEN ) {
452 /* Extract sequence/set information from length octets */
453 memcpy( SOS_TAG_END(header), lenptr, SOS_LENLEN );
455 /* Store length, and close gap of leftover reserved length octets */
456 len = xlen - SOS_LENLEN;
457 if ( ber->ber_options & LBER_USE_DER ) {
459 lenptr[0] = SOS_LENLEN - 1 + 0x80; /* length(length)-1 */
460 for( i = SOS_LENLEN; --i > 0; len >>= 8 ) {
461 lenptr[i] = len & 0xffU;
464 unsigned char *p = ber_prepend_len( lenptr + SOS_LENLEN, len );
465 ber_len_t unused = p - lenptr;
467 /* length(length) < the reserved SOS_LENLEN bytes */
469 AC_MEMCPY( lenptr, p, xlen );
470 ber->ber_sos_ptr = (char *) lenptr + xlen;
474 ber->ber_sos_inner = header.next_sos.offset;
475 if ( header.next_sos.offset == 0 ) { /* outermost sequence/set? */
476 /* The ber_ptr is at the set/seq start - move it to the end */
477 ber->ber_ptr = ber->ber_sos_ptr;
478 ber->ber_sos_ptr = NULL;
481 return xlen + *SOS_TAG_END(header); /* lenlen + len + taglen */
485 ber_put_seq( BerElement *ber )
487 return ber_put_seqorset( ber );
491 ber_put_set( BerElement *ber )
493 return ber_put_seqorset( ber );
497 static ber_tag_t lber_int_null = 0;
501 ber_printf( BerElement *ber, LDAP_CONST char *fmt, ... )
505 struct berval *bv, **bvp;
510 assert( ber != NULL );
511 assert( fmt != NULL );
512 assert( LBER_VALID( ber ) );
516 for ( rc = 0; *fmt && rc != -1; fmt++ ) {
518 case '!': { /* hook */
519 BEREncodeCallback *f;
522 ber->ber_usertag = 0;
524 f = va_arg( ap, BEREncodeCallback * );
525 p = va_arg( ap, void * );
528 if ( ber->ber_usertag ) {
529 ber->ber_usertag = 0;
534 case 'b': /* boolean */
535 i = va_arg( ap, ber_int_t );
536 rc = ber_put_boolean( ber, i, ber->ber_tag );
540 i = va_arg( ap, ber_int_t );
541 rc = ber_put_int( ber, i, ber->ber_tag );
544 case 'e': /* enumeration */
545 i = va_arg( ap, ber_int_t );
546 rc = ber_put_enum( ber, i, ber->ber_tag );
550 rc = ber_put_null( ber, ber->ber_tag );
553 case 'N': /* Debug NULL */
555 if( lber_int_null != 0 ) {
556 /* Insert NULL to ensure peer ignores unknown tags */
557 rc = ber_put_null( ber, lber_int_null );
561 case 'o': /* octet string (non-null terminated) */
562 s = va_arg( ap, char * );
563 len = va_arg( ap, ber_len_t );
564 rc = ber_put_ostring( ber, s, len, ber->ber_tag );
567 case 'O': /* berval octet string */
568 bv = va_arg( ap, struct berval * );
569 if( bv == NULL ) break;
570 rc = ber_put_berval( ber, bv, ber->ber_tag );
573 case 's': /* string */
574 s = va_arg( ap, char * );
575 rc = ber_put_string( ber, s, ber->ber_tag );
578 case 'B': /* bit string */
579 case 'X': /* bit string (deprecated) */
580 s = va_arg( ap, char * );
581 len = va_arg( ap, ber_len_t ); /* in bits */
582 rc = ber_put_bitstring( ber, s, len, ber->ber_tag );
585 case 't': /* tag for the next element */
586 ber->ber_tag = va_arg( ap, ber_tag_t );
587 ber->ber_usertag = 1;
590 case 'v': /* vector of strings */
591 if ( (ss = va_arg( ap, char ** )) == NULL )
593 for ( i = 0; ss[i] != NULL; i++ ) {
594 if ( (rc = ber_put_string( ber, ss[i],
595 ber->ber_tag )) == -1 )
600 case 'V': /* sequences of strings + lengths */
601 if ( (bvp = va_arg( ap, struct berval ** )) == NULL )
603 for ( i = 0; bvp[i] != NULL; i++ ) {
604 if ( (rc = ber_put_berval( ber, bvp[i],
605 ber->ber_tag )) == -1 )
610 case 'W': /* BerVarray */
611 if ( (bv = va_arg( ap, BerVarray )) == NULL )
613 for ( i = 0; bv[i].bv_val != NULL; i++ ) {
614 if ( (rc = ber_put_berval( ber, &bv[i],
615 ber->ber_tag )) == -1 )
620 case '{': /* begin sequence */
621 rc = ber_start_seq( ber, ber->ber_tag );
624 case '}': /* end sequence */
625 rc = ber_put_seqorset( ber );
628 case '[': /* begin set */
629 rc = ber_start_set( ber, ber->ber_tag );
632 case ']': /* end set */
633 rc = ber_put_seqorset( ber );
637 if( ber->ber_debug ) {
638 ber_log_printf( LDAP_DEBUG_ANY, ber->ber_debug,
639 "ber_printf: unknown fmt %c\n", *fmt );
645 ber->ber_tag = LBER_DEFAULT;