00008 #include <botan/der_enc.h>
00009 #include <botan/asn1_int.h>
00010 #include <botan/bigint.h>
00011 #include <botan/get_byte.h>
00012 #include <botan/parsing.h>
00013 #include <botan/internal/bit_ops.h>
00014 #include <algorithm>
00015
00016 namespace Botan {
00017
00018 namespace {
00019
00020
00021
00022
/*
* DER-encode an ASN.1 identifier (class bits plus tag number).
*
* class_tag may only have bits set inside 0xE0; any other bit raises
* Encoding_Error. Tag numbers up to 30 are written as one octet. Larger
* numbers use the 0x1F escape followed by 7-bit groups, every group except
* the last carrying the 0x80 continuation bit.
*/
SecureVector<byte> encode_tag(ASN1_Tag type_tag, ASN1_Tag class_tag)
{
   const bool class_bits_ok = ((class_tag | 0xE0) == 0xE0);
   if(!class_bits_ok)
      throw Encoding_Error("DER_Encoder: Invalid class tag " +
                           to_string(class_tag));

   SecureVector<byte> out;

   if(type_tag <= 30)
   {
      // Low-tag-number form: class bits and tag number share one octet
      out.append(static_cast<byte>(type_tag | class_tag));
      return out;
   }

   // Round high_bit(type_tag) up to a whole number of 7-bit groups
   u32bit groups = high_bit(type_tag) + 6;
   groups = (groups - (groups % 7)) / 7;

   out.append(class_tag | 0x1F);
   for(u32bit k = 0; k != groups - 1; ++k)
   {
      const u32bit shift = 7 * (groups - k - 1);
      out.append(0x80 | ((type_tag >> shift) & 0x7F));
   }
   // Final group has the continuation bit clear
   out.append(type_tag & 0x7F);

   return out;
}
00045
00046
00047
00048
/*
* DER-encode a length field.
*
* Lengths up to 127 use the one-octet short form. Longer lengths emit
* 0x80 | count followed by the significant octets of the 32-bit value,
* so the long form is always the shortest one that fits.
*/
SecureVector<byte> encode_length(u32bit length)
{
   SecureVector<byte> out;

   if(length > 127)
   {
      const u32bit n_octets = significant_bytes(length);
      out.append(static_cast<byte>(0x80 | n_octets));

      // get_byte is indexed over the four octets of length; skip the
      // leading ones that significant_bytes did not count
      for(u32bit idx = 4 - n_octets; idx != 4; ++idx)
         out.append(get_byte(idx, length));
   }
   else
      out.append(static_cast<byte>(length));

   return out;
}
00063
00064 }
00065
00066
00067
00068
/*
* Return the finished encoding of this constructed value: identifier,
* length, then the accumulated contents. The CONSTRUCTED bit is OR'd into
* the class tag. The internal content buffer is released via destroy()
* before returning.
*/
SecureVector<byte> DER_Encoder::DER_Sequence::get_contents()
{
   const ASN1_Tag cons_class = ASN1_Tag(class_tag | CONSTRUCTED);

   // Encoded before the SET merge so that an invalid class tag throws
   // while set_contents is still untouched
   SecureVector<byte> tag_octets = encode_tag(type_tag, cons_class);

   if(type_tag == SET)
   {
      // NOTE(review): the resulting order is whatever operator< on
      // SecureVector<byte> defines, which is not visible here. DER's
      // canonical ordering compares the element encodings as octet
      // strings; confirm the comparator matches, since a non-canonical
      // order changes the bytes that get hashed or signed.
      std::sort(set_contents.begin(), set_contents.end());

      for(u32bit idx = 0; idx != set_contents.size(); ++idx)
         contents.append(set_contents[idx]);
      set_contents.clear();
   }

   SecureVector<byte> length_octets = encode_length(contents.size());

   SecureVector<byte> out;
   out.append(tag_octets);
   out.append(length_octets);
   out.append(contents);
   contents.destroy();
   return out;
}
00092
00093
00094
00095
/*
* Add already-encoded bytes to this constructed value. For a SET each
* call is kept as a separate element (get_contents sorts them later);
* for anything else the bytes are appended directly to the contents.
*/
void DER_Encoder::DER_Sequence::add_bytes(const byte data[], u32bit length)
{
   if(type_tag != SET)
   {
      contents.append(data, length);
      return;
   }

   set_contents.push_back(SecureVector<byte>(data, length));
}
00103
00104
00105
00106
/*
* Return the type tag and class tag OR'd together as one ASN1_Tag.
*/
ASN1_Tag DER_Encoder::DER_Sequence::tag_of() const
{
   const ASN1_Tag combined = ASN1_Tag(type_tag | class_tag);
   return combined;
}
00111
00112
00113
00114
/*
* Store the type tag (t1) and class tag (t2) this constructed value
* will be encoded with.
*/
DER_Encoder::DER_Sequence::DER_Sequence(ASN1_Tag t1, ASN1_Tag t2)
   : type_tag(t1),
     class_tag(t2)
{
}
00119
00120
00121
00122
/*
* Hand back everything encoded so far and reset the encoder's buffer.
* Throws Invalid_State if a start_cons() is still waiting for its
* end_cons().
*/
SecureVector<byte> DER_Encoder::get_contents()
{
   if(!subsequences.empty())
      throw Invalid_State("DER_Encoder: Sequence hasn't been marked done");

   // Copy out first, then release the encoder's own buffer via destroy()
   SecureVector<byte> result(contents);
   contents.destroy();
   return result;
}
00133
00134
00135
00136
/*
* Open a new constructed value with the given tags. Output added after
* this call goes into it until the matching end_cons().
*/
DER_Encoder& DER_Encoder::start_cons(ASN1_Tag type_tag,
                                     ASN1_Tag class_tag)
{
   const DER_Sequence opened(type_tag, class_tag);
   subsequences.push_back(opened);
   return *this;
}
00143
00144
00145
00146
/*
* Close the innermost open constructed value and emit its complete
* encoding into the enclosing one (or into the top-level buffer).
* Throws Invalid_State when nothing is open.
*/
DER_Encoder& DER_Encoder::end_cons()
{
   if(subsequences.empty())
      throw Invalid_State("DER_Encoder::end_cons: No such sequence");

   SecureVector<byte> finished = subsequences.back().get_contents();

   // Pop before writing so raw_bytes targets the parent, not the value
   // that was just closed
   subsequences.pop_back();
   raw_bytes(finished);
   return *this;
}
00157
00158
00159
00160
/*
* Open an explicitly tagged, context-specific constructed value with
* tag number type_no. A number equal to SET is rejected with
* Internal_Error.
*/
DER_Encoder& DER_Encoder::start_explicit(u16bit type_no)
{
   const ASN1_Tag type_tag = static_cast<ASN1_Tag>(type_no);

   if(type_tag != SET)
      return start_cons(type_tag, CONTEXT_SPECIFIC);

   throw Internal_Error("DER_Encoder.start_explicit(SET); cannot perform");
}
00170
00171
00172
00173
/*
* Close an explicitly tagged value; identical to end_cons().
*/
DER_Encoder& DER_Encoder::end_explicit()
{
   DER_Encoder& self = end_cons();
   return self;
}
00178
00179
00180
00181
/*
* Write the contents of a buffer to the output as-is (no tag or length
* is added).
*/
DER_Encoder& DER_Encoder::raw_bytes(const MemoryRegion<byte>& val)
{
   const byte* data = val.begin();
   const u32bit data_len = val.size();
   return raw_bytes(data, data_len);
}
00186
00187
00188
00189
/*
* Write bytes to the output as-is: into the innermost open constructed
* value when there is one, otherwise into the top-level buffer.
*/
DER_Encoder& DER_Encoder::raw_bytes(const byte bytes[], u32bit length)
{
   if(subsequences.empty())
      contents.append(bytes, length);
   else
      subsequences.back().add_bytes(bytes, length);

   return *this;
}
00199
00200
00201
00202
/*
* Encode a universal NULL: tag and a zero length, no content octets.
*/
DER_Encoder& DER_Encoder::encode_null()
{
   // Null pointer with length 0 selects the (pointer, length) overload
   const byte* no_content = 0;
   return add_object(NULL_TAG, UNIVERSAL, no_content, 0);
}
00207
00208
00209
00210
/*
* Encode a universal BOOLEAN.
*/
DER_Encoder& DER_Encoder::encode(bool is_true)
{
   DER_Encoder& self = encode(is_true, BOOLEAN, UNIVERSAL);
   return self;
}
00215
00216
00217
00218
/*
* Encode a small unsigned value as a universal INTEGER by way of BigInt.
*/
DER_Encoder& DER_Encoder::encode(u32bit n)
{
   const BigInt value(n);
   return encode(value, INTEGER, UNIVERSAL);
}
00223
00224
00225
00226
/*
* Encode a BigInt as a universal INTEGER.
*/
DER_Encoder& DER_Encoder::encode(const BigInt& n)
{
   DER_Encoder& self = encode(n, INTEGER, UNIVERSAL);
   return self;
}
00231
00232
00233
00234
/*
* Encode a buffer as a universal OCTET STRING or BIT STRING; real_type
* is used both as the string kind and as the emitted type tag.
*/
DER_Encoder& DER_Encoder::encode(const MemoryRegion<byte>& bytes,
                                 ASN1_Tag real_type)
{
   const byte* data = bytes.begin();
   const u32bit data_len = bytes.size();
   return encode(data, data_len, real_type, real_type, UNIVERSAL);
}
00241
00242
00243
00244
/*
* Encode a byte array as a universal OCTET STRING or BIT STRING;
* real_type is used both as the string kind and as the emitted type tag.
*/
DER_Encoder& DER_Encoder::encode(const byte bytes[], u32bit length,
                                 ASN1_Tag real_type)
{
   const ASN1_Tag emitted_tag = real_type;
   return encode(bytes, length, real_type, emitted_tag, UNIVERSAL);
}
00250
00251
00252
00253
/*
* Encode a BOOLEAN under caller-chosen tags. TRUE is always written as
* 0xFF and FALSE as 0x00, the single-octet forms DER requires.
*/
DER_Encoder& DER_Encoder::encode(bool is_true,
                                 ASN1_Tag type_tag, ASN1_Tag class_tag)
{
   byte octet = 0x00;
   if(is_true)
      octet = 0xFF;

   return add_object(type_tag, class_tag, &octet, 1);
}
00260
00261
00262
00263
/*
* Encode a small unsigned value as an INTEGER under caller-chosen tags,
* by way of BigInt.
*/
DER_Encoder& DER_Encoder::encode(u32bit n,
                                 ASN1_Tag type_tag, ASN1_Tag class_tag)
{
   const BigInt value(n);
   return encode(value, type_tag, class_tag);
}
00269
00270
00271
00272
/*
* Encode a BigInt as an INTEGER under caller-chosen tags.
*
* Zero is written as a single 0x00 content octet. Otherwise the magnitude
* is written big-endian, with one leading zero octet when the bit length
* is a multiple of 8 so the top bit cannot be read as a sign bit.
* Negative values are then converted in place to two's complement.
*/
DER_Encoder& DER_Encoder::encode(const BigInt& n,
                                 ASN1_Tag type_tag, ASN1_Tag class_tag)
{
   if(n == 0)
      return add_object(type_tag, class_tag, 0);

   const u32bit pad = (n.bits() % 8 == 0) ? 1 : 0;

   SecureVector<byte> encoded(pad + n.bytes());
   BigInt::encode(encoded.begin() + pad, n);

   if(n < 0)
   {
      // Two's complement: invert every octet, then add one with carry
      // propagating from the least significant octet upwards
      for(u32bit idx = 0; idx != encoded.size(); ++idx)
         encoded[idx] = ~encoded[idx];

      for(u32bit pos = encoded.size(); pos > 0; --pos)
      {
         // A non-zero result means the carry stopped at this octet
         if(++encoded[pos - 1])
            break;
      }

      // NOTE(review): when the magnitude is exactly 0x80 followed by zero
      // octets (e.g. -128), the pad octet appears to survive as a leading
      // 0xFF, which is one octet longer than DER's minimal INTEGER form.
      // Confirm against the semantics of BigInt::bits()/bytes(), which
      // are not visible here.
   }

   return add_object(type_tag, class_tag, encoded);
}
00293
00294
00295
00296
/*
* Encode a buffer as an OCTET STRING or BIT STRING (real_type) under
* caller-chosen tags.
*/
DER_Encoder& DER_Encoder::encode(const MemoryRegion<byte>& bytes,
                                 ASN1_Tag real_type,
                                 ASN1_Tag type_tag, ASN1_Tag class_tag)
{
   const byte* data = bytes.begin();
   const u32bit data_len = bytes.size();
   return encode(data, data_len, real_type, type_tag, class_tag);
}
00304
00305
00306
00307
/*
* Encode a byte array as an OCTET STRING or BIT STRING (real_type) under
* caller-chosen tags. Any other real_type raises Invalid_Argument.
*
* A BIT STRING always gets a leading 0x00 "unused bits" octet, so only
* bit strings that are a whole number of octets can be produced here.
*/
DER_Encoder& DER_Encoder::encode(const byte bytes[], u32bit length,
                                 ASN1_Tag real_type,
                                 ASN1_Tag type_tag, ASN1_Tag class_tag)
{
   const bool is_bit_string = (real_type == BIT_STRING);

   if(!is_bit_string && real_type != OCTET_STRING)
      throw Invalid_Argument("DER_Encoder: Invalid tag for byte/bit string");

   if(!is_bit_string)
      return add_object(type_tag, class_tag, bytes, length);

   SecureVector<byte> with_prefix;
   with_prefix.append(0);
   with_prefix.append(bytes, length);
   return add_object(type_tag, class_tag, with_prefix);
}
00325
00326
00327
00328
/*
* When cond holds, splice the finished output of another encoder into
* this one. codec.get_contents() is only called in that case, so codec
* is left untouched when cond is false.
*/
DER_Encoder& DER_Encoder::encode_if(bool cond, DER_Encoder& codec)
{
   if(!cond)
      return *this;

   return raw_bytes(codec.get_contents());
}
00335
00336
00337
00338
/*
* Encode an ASN1_Object by asking it to write itself into this encoder.
*/
DER_Encoder& DER_Encoder::encode(const ASN1_Object& obj)
{
   DER_Encoder& self = *this;
   obj.encode_into(self);
   return self;
}
00344
00345
00346
00347
/*
* Write one complete tag-length-value object: the encoded identifier,
* the encoded length, then `length` content bytes taken from rep.
*/
DER_Encoder& DER_Encoder::add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
                                     const byte rep[], u32bit length)
{
   SecureVector<byte> tlv;
   tlv.append(encode_tag(type_tag, class_tag));
   tlv.append(encode_length(length));
   tlv.append(rep, length);

   return raw_bytes(tlv);
}
00361
00362
00363
00364
/*
* Write one tag-length-value object whose content is a whole buffer.
*/
DER_Encoder& DER_Encoder::add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
                                     const MemoryRegion<byte>& rep_buf)
{
   return add_object(type_tag, class_tag, rep_buf.begin(), rep_buf.size());
}
00372
00373
00374
00375
/*
* Write one tag-length-value object whose content is the raw bytes of a
* std::string. No character-set checking is done for the chosen tag.
*/
DER_Encoder& DER_Encoder::add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
                                     const std::string& rep_str)
{
   // size() is narrowed to u32bit here; a string longer than that type
   // can hold would be encoded with a truncated length
   const u32bit content_len = rep_str.size();
   const byte* content = reinterpret_cast<const byte*>(rep_str.data());

   return add_object(type_tag, class_tag, content, content_len);
}
00383
00384
00385
00386
/*
* Write one tag-length-value object whose content is a single octet.
*/
DER_Encoder& DER_Encoder::add_object(ASN1_Tag type_tag,
                                     ASN1_Tag class_tag, byte rep)
{
   const byte* single_octet = &rep;
   return add_object(type_tag, class_tag, single_octet, 1);
}
00392
00393 }