/** Decode the content of the octet string value if known. */ static int rtCrSpcSerializedObject_DecodeMore(PRTASN1CURSOR pCursor, uint32_t fFlags, PRTCRSPCSERIALIZEDOBJECT pThis, const char *pszErrorTag) { RT_NOREF_PV(fFlags); RT_NOREF_PV(pszErrorTag); int rc; RTASN1CURSOR SubCursor; if (RTUuidCompareStr(pThis->Uuid.Asn1Core.uData.pUuid, RTCRSPCSERIALIZEDOBJECT_UUID_STR) == 0) { rc = RTAsn1MemAllocZ(&pThis->SerializedData.EncapsulatedAllocation, (void **)&pThis->u.pData, sizeof(*pThis->u.pData)); if (RT_SUCCESS(rc)) { pThis->SerializedData.pEncapsulated = (PRTASN1CORE)pThis->u.pData; pThis->enmType = RTCRSPCSERIALIZEDOBJECTTYPE_ATTRIBUTES; rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->SerializedData.Asn1Core, &SubCursor, "SerializedData"); if (RT_SUCCESS(rc)) rc = RTCrSpcSerializedObjectAttributes_DecodeAsn1(&SubCursor, 0, pThis->u.pData, "SD"); } } else return VINF_SUCCESS; if (RT_SUCCESS(rc)) rc = RTAsn1CursorCheckEnd(&SubCursor); return rc; }
static int rtCrPkcs7ContentInfo_DecodeExtra(PRTASN1CURSOR pCursor, uint32_t fFlags, PRTCRPKCS7CONTENTINFO pThis, const char *pszErrorTag) { pThis->u.pCore = NULL; /* * Figure the type. */ RTCRPKCS7CONTENTINFOCHOICE enmChoice; size_t cbContent = 0; if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRPKCS7SIGNEDDATA_OID) == 0) { enmChoice = RTCRPKCS7CONTENTINFOCHOICE_SIGNED_DATA; cbContent = sizeof(*pThis->u.pSignedData); } else if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRSPCINDIRECTDATACONTENT_OID) == 0) { enmChoice = RTCRPKCS7CONTENTINFOCHOICE_SPC_INDIRECT_DATA_CONTENT; cbContent = sizeof(*pThis->u.pIndirectDataContent); } else if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRTSPTSTINFO_OID) == 0) { enmChoice = RTCRPKCS7CONTENTINFOCHOICE_TSP_TST_INFO; cbContent = sizeof(*pThis->u.pTstInfo); } else { enmChoice = RTCRPKCS7CONTENTINFOCHOICE_UNKNOWN; cbContent = 0; } int rc = VINF_SUCCESS; if (enmChoice != RTCRPKCS7CONTENTINFOCHOICE_UNKNOWN) { /* * Detect CMS octet string and open the content cursor. * Current we don't have work with any contet which is octet string, * they're all sequences, which make detection so much simpler. */ PRTASN1OCTETSTRING pOctetString = &pThis->Content; RTASN1CURSOR ContentCursor; rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->Content.Asn1Core, &ContentCursor, "Content"); if ( RT_SUCCESS(rc) && RTAsn1CursorIsNextEx(&ContentCursor, ASN1_TAG_OCTET_STRING, ASN1_TAGFLAG_PRIMITIVE | ASN1_TAGCLASS_UNIVERSAL)) { rc = RTAsn1MemAllocZ(&pThis->Content.EncapsulatedAllocation, (void **)&pThis->Content.pEncapsulated, sizeof(*pOctetString)); if (RT_SUCCESS(rc)) { pThis->pCmsContent = pOctetString = (PRTASN1OCTETSTRING)pThis->Content.pEncapsulated; rc = RTAsn1OctetString_DecodeAsn1(&ContentCursor, 0, pOctetString, "CmsContent"); if (RT_SUCCESS(rc)) rc = RTAsn1CursorCheckEnd(&ContentCursor); if (RT_SUCCESS(rc)) rc = RTAsn1CursorInitSubFromCore(pCursor, &pOctetString->Asn1Core, &ContentCursor, "CmsContent"); } } if (RT_SUCCESS(rc)) { /* * Allocate memory for the decoded content. */ rc = RTAsn1MemAllocZ(&pOctetString->EncapsulatedAllocation, (void **)&pOctetString->pEncapsulated, cbContent); if (RT_SUCCESS(rc)) { pThis->u.pCore = pOctetString->pEncapsulated; /* * Decode it. */ switch (enmChoice) { case RTCRPKCS7CONTENTINFOCHOICE_SIGNED_DATA: rc = RTCrPkcs7SignedData_DecodeAsn1(&ContentCursor, 0, pThis->u.pSignedData, "SignedData"); break; case RTCRPKCS7CONTENTINFOCHOICE_SPC_INDIRECT_DATA_CONTENT: rc = RTCrSpcIndirectDataContent_DecodeAsn1(&ContentCursor, 0, pThis->u.pIndirectDataContent, "IndirectDataContent"); break; case RTCRPKCS7CONTENTINFOCHOICE_TSP_TST_INFO: rc = RTCrTspTstInfo_DecodeAsn1(&ContentCursor, 0, pThis->u.pTstInfo, "TstInfo"); break; default: AssertFailed(); rc = VERR_IPE_NOT_REACHED_DEFAULT_CASE; break; } if (RT_SUCCESS(rc)) rc = RTAsn1CursorCheckEnd(&ContentCursor); if (RT_SUCCESS(rc)) return VINF_SUCCESS; RTAsn1MemFree(&pOctetString->EncapsulatedAllocation, pOctetString->pEncapsulated); pOctetString->pEncapsulated = NULL; pThis->u.pCore = NULL; } } } return rc; }
/* * One X.509 Extension. */ RTDECL(int) RTCrX509Extension_ExtnValue_DecodeAsn1(PRTASN1CURSOR pCursor, uint32_t fFlags, PRTCRX509EXTENSION pThis, const char *pszErrorTag) { pThis->enmValue = RTCRX509EXTENSIONVALUE_UNKNOWN; /* * Decode the encapsulated extension bytes if know the format. */ RTASN1CURSOR ValueCursor; int rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->ExtnValue.Asn1Core, &ValueCursor, "ExtnValue"); if (RT_FAILURE(rc)) return rc; pCursor = &ValueCursor; if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_AUTHORITY_KEY_IDENTIFIER_OID) == 0) { /* 4.2.1.1 Authority Key Identifier */ PRTCRX509AUTHORITYKEYIDENTIFIER pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_AUTHORITY_KEY_IDENTIFIER; rc = RTCrX509AuthorityKeyIdentifier_DecodeAsn1(&ValueCursor, 0, pThat, "AuthorityKeyIdentifier"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_OLD_AUTHORITY_KEY_IDENTIFIER_OID) == 0) { /* Old and obsolete version of the above, still found in microsoft certificates. */ PRTCRX509OLDAUTHORITYKEYIDENTIFIER pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_OLD_AUTHORITY_KEY_IDENTIFIER; rc = RTCrX509OldAuthorityKeyIdentifier_DecodeAsn1(&ValueCursor, 0, pThat, "OldAuthorityKeyIdentifier"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_SUBJECT_KEY_IDENTIFIER_OID) == 0) { /* 4.2.1.2 Subject Key Identifier */ PRTASN1OCTETSTRING pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_OCTET_STRING; rc = RTAsn1CursorGetOctetString(&ValueCursor, 0, pThat, "SubjectKeyIdentifier"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_KEY_USAGE_OID) == 0) { /* 4.2.1.3 Key Usage */ PRTASN1BITSTRING pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_BIT_STRING; rc = RTAsn1CursorGetBitStringEx(&ValueCursor, 0, 9, pThat, "KeyUsage"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_CERTIFICATE_POLICIES_OID) == 0) { /* 4.2.1.4 Certificate Policies */ PRTCRX509CERTIFICATEPOLICIES pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_CERTIFICATE_POLICIES; rc = RTCrX509CertificatePolicies_DecodeAsn1(&ValueCursor, 0, pThat, "CertPolicies"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_POLICY_MAPPINGS_OID) == 0) { /* 4.2.1.5 Policy Mappings */ PRTCRX509POLICYMAPPINGS pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_POLICY_MAPPINGS; rc = RTCrX509PolicyMappings_DecodeAsn1(&ValueCursor, 0, pThat, "PolicyMapppings"); } } else if ( RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_SUBJECT_ALT_NAME_OID) == 0 || RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_ISSUER_ALT_NAME_OID) == 0) { /* 4.2.1.6 Subject Alternative Name / 4.2.1.7 Issuer Alternative Name */ PRTCRX509GENERALNAMES pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_GENERAL_NAMES; rc = RTCrX509GeneralNames_DecodeAsn1(&ValueCursor, 0, pThat, "AltName"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_BASIC_CONSTRAINTS_OID) == 0) { /* 4.2.1.9 Basic Constraints */ PRTCRX509BASICCONSTRAINTS pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_BASIC_CONSTRAINTS; rc = RTCrX509BasicConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "BasicConstraints"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_NAME_CONSTRAINTS_OID) == 0) { /* 4.2.1.10 Name Constraints */ PRTCRX509NAMECONSTRAINTS pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_NAME_CONSTRAINTS; rc = RTCrX509NameConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "NameConstraints"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_POLICY_CONSTRAINTS_OID) == 0) { /* 4.2.1.11 Policy Constraints */ PRTCRX509POLICYCONSTRAINTS pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_POLICY_CONSTRAINTS; rc = RTCrX509PolicyConstraints_DecodeAsn1(&ValueCursor, 0, pThat, "PolicyConstraints"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_EXT_KEY_USAGE_OID) == 0) { /* 4.2.1.12 Extended Key Usage */ PRTASN1SEQOFOBJIDS pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->SeqCore.Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_SEQ_OF_OBJ_IDS; rc = RTAsn1SeqOfObjIds_DecodeAsn1(&ValueCursor, 0, pThat, "ExKeyUsage"); } } else if (RTAsn1ObjId_CompareWithString(&pThis->ExtnId, RTCRX509_ID_CE_EXT_KEY_USAGE_OID) == 0) { /* 4.2.1.14 Inhibit anyPolicy */ PRTASN1INTEGER pThat; rc = RTAsn1MemAllocZ(&pThis->ExtnValue.EncapsulatedAllocation, (void **)&pThat, sizeof(*pThat)); if (RT_SUCCESS(rc)) { pThis->ExtnValue.pEncapsulated = &pThat->Asn1Core; pThis->enmValue = RTCRX509EXTENSIONVALUE_INTEGER; rc = RTAsn1CursorGetInteger(&ValueCursor, 0, pThat, "InhibitAnyPolicy"); } } else return VINF_SUCCESS; if (RT_SUCCESS(rc)) rc = RTAsn1CursorCheckEnd(&ValueCursor); if (RT_SUCCESS(rc)) return VINF_SUCCESS; return rc; }