/**
* Reads and parses the ASN.1 BootSignature block from the given offset
* @param fd File descriptor to the boot image
* @param offset Offset from the beginning of file to the signature
* @param bs Pointer to receive the BootImage structure
*/
static int read_signature(int fd, off64_t offset, BootSignature **bs)
{
BIO *in = NULL;
if (!bs) {
return -1;
}
if (lseek64(fd, offset, SEEK_SET) == -1) {
return -1;
}
if ((in = BIO_new_fd(fd, BIO_NOCLOSE)) == NULL) {
ERR_print_errors(g_error);
return -1;
}
if ((*bs = ASN1_item_d2i_bio(ASN1_ITEM_rptr(BootSignature), in, bs)) == NULL) {
ERR_print_errors(g_error);
BIO_free(in);
return -1;
}
BIO_free(in);
return 0;
}
void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
{
BIO *b;
char *ret;
if ((b = BIO_new(BIO_s_file())) == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
return (NULL);
}
BIO_set_fp(b, in, BIO_NOCLOSE);
ret = ASN1_item_d2i_bio(it, b, x);
BIO_free(b);
return (ret);
}
void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
{
BIO *b;
char *ret;
if ((b=BIO_new(BIO_s_file())) == NULL)
{
OPENSSL_PUT_ERROR(ASN1, ASN1_item_d2i_fp, ERR_R_BUF_LIB);
return(NULL);
}
BIO_set_fp(b,in,BIO_NOCLOSE);
ret=ASN1_item_d2i_bio(it,b,x);
BIO_free(b);
return(ret);
}
PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
}
DVT_STATUS CERTIFICATE_FILE_CLASS::importDer(const char* filename, bool certificatesOnly, const char*)
// DESCRIPTION : Import certificates from a PEM formated file.
// PRECONDITIONS :
// POSTCONDITIONS :
// EXCEPTIONS :
// NOTES : Returns MSG_OK, MSG_ERROR, MSG_FILE_NOT_EXIST, MSG_NO_VALUE
// : DER does not support encryption, so MSG_INVALID_PASSWORD will never be returned
//<<===========================================================================
{
DVT_STATUS status = MSG_ERROR;
DVT_STATUS* status_ptr;
BIO* bio_ptr;
// clear the error queue
ERR_clear_error();
// open the file
bio_ptr = BIO_new(BIO_s_file_internal());
if (bio_ptr == NULL)
{
openSslM_ptr->printError(loggerM_ptr, LOG_ERROR, "setting up to read DER file");
status = MSG_ERROR;
goto end;
}
if (BIO_read_filename(bio_ptr, filename) <= 0)
{
unsigned long err;
err = ERR_peek_error();
if ((ERR_GET_LIB(err) == ERR_LIB_SYS) && (ERR_GET_REASON(err) == ERROR_FILE_NOT_FOUND))
{
// file does not exist
ERR_clear_error(); // eat any errors
status = MSG_FILE_NOT_EXIST;
}
else
{
openSslM_ptr->printError(loggerM_ptr, LOG_ERROR, "opening DER file for reading");
status = MSG_ERROR;
}
goto end;
}
// read the file and convert the data
if (certificatesOnly)
{
X509* cert_ptr;
cert_ptr = (X509*)ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bio_ptr, NULL);
if (cert_ptr == NULL)
{
unsigned long err;
err = ERR_peek_error();
if ((ERR_GET_LIB(err) == ERR_LIB_ASN1) && (ERR_GET_REASON(err) == ASN1_R_WRONG_TAG))
{
// probably not a certificate
ERR_clear_error(); // eat any errors
status = MSG_NO_VALUE;
}
else
{
openSslM_ptr->printError(loggerM_ptr, LOG_ERROR, "decoding certificate in DER file");
status = MSG_ERROR;
}
}
else
{
// save the certificate
if (!push(cert_ptr))
{
status = MSG_ERROR;
}
else
{
status = MSG_OK;
}
}
}
else
{
// this calls derDecode()
status_ptr = (DVT_STATUS*)ASN1_d2i_bio(NULL, (char* (*)(void))derCallback, bio_ptr, (unsigned char**)this);
status = *status_ptr;
delete status_ptr;
}
end:
if (bio_ptr != NULL) BIO_free(bio_ptr);
return status;
}
RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
}
X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
}
PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
}
X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
}
RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
{
return (RSA*)ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
}
CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params) {
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params);
}
CPK_MASTER_SECRET *d2i_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET **master) {
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master);
}
OCSP_RESPONSE *
d2i_OCSP_RESPONSE_bio(BIO *bp, OCSP_RESPONSE **a)
{
return ASN1_item_d2i_bio(&OCSP_RESPONSE_it, bp, a);
}
OCSP_REQUEST *
d2i_OCSP_REQUEST_bio(BIO *bp, OCSP_REQUEST **a)
{
return ASN1_item_d2i_bio(&OCSP_REQUEST_it, bp, a);
}
DSA *
d2i_DSAparams_bio(BIO *bp, DSA **a)
{
return ASN1_item_d2i_bio(&DSAparams_it, bp, a);
}
X509 *d2i_X509_bio(BIO *bp, X509 **x509)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
}
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
}
static int execute_test(D2I_TEST_FIXTURE fixture)
{
BIO *bio = NULL;
ASN1_VALUE *value = NULL;
int ret = 0;
unsigned char buf[2048];
const unsigned char *buf_ptr = buf;
unsigned char *der = NULL;
int derlen;
int len;
if ((bio = BIO_new_file(test_file, "r")) == NULL)
return 0;
if (expected_error == ASN1_BIO) {
value = ASN1_item_d2i_bio(item_type, bio, NULL);
if (value == NULL)
ret = 1;
goto err;
}
/*
* Unless we are testing it we don't use ASN1_item_d2i_bio because it
* performs sanity checks on the input and can reject it before the
* decoder is called.
*/
len = BIO_read(bio, buf, sizeof(buf));
if (len < 0)
goto err;
value = ASN1_item_d2i(NULL, &buf_ptr, len, item_type);
if (value == NULL) {
if (expected_error == ASN1_DECODE)
ret = 1;
goto err;
}
derlen = ASN1_item_i2d(value, &der, item_type);
if (der == NULL || derlen < 0) {
if (expected_error == ASN1_ENCODE)
ret = 1;
goto err;
}
if (derlen != len || memcmp(der, buf, derlen) != 0) {
if (expected_error == ASN1_COMPARE)
ret = 1;
goto err;
}
if (expected_error == ASN1_OK)
ret = 1;
err:
/* Don't indicate success for memory allocation errors */
if (ret == 1 && ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
ret = 0;
BIO_free(bio);
OPENSSL_free(der);
ASN1_item_free(value, item_type);
return ret;
}