Mercurial > dropbear

view libtomcrypt/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c @ 1885:5d8dbb6fdab7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix SSH_PUBKEYINFO, limit characters, add tests We fix a bad_bufptr() failure from a previous commit. We now limit the allowed characters to those that will definitely be safe in a shell. Some scripts/programs may use arbitrary environment variables without escaping correctly - that could be a problem in a restricted environment. The current allowed set is a-z A-Z 0-9 .,_-+@ This also adds a test for SSH_PUBKEYINFO, by default it only runs under github actions (or "act -j build").
author Matt Johnston <matt@ucc.asn.au>
date Wed, 16 Mar 2022 17:17:23 +0800
parents 6dba84798cd5
children
line wrap: on
line source

/* LibTomCrypt, modular cryptographic library -- Tom St Denis
 *
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
 */
#include "tomcrypt.h"

/**
  @file der_decode_object_identifier.c
  ASN.1 DER, Decode Object Identifier, Tom St Denis
*/

#ifdef LTC_DER
/**
  Decode OID data and store the array of integers in words
  @param in      The OID DER encoded data
  @param inlen   The length of the OID data
  @param words   [out] The destination of the OID words
  @param outlen  [in/out] The number of OID words
  @return CRYPT_OK if successful
*/
int der_decode_object_identifier(const unsigned char *in,    unsigned long  inlen,
                                       unsigned long *words, unsigned long *outlen)
{
   unsigned long x, y, t, len;
   int err;

   LTC_ARGCHK(in     != NULL);
   LTC_ARGCHK(words  != NULL);
   LTC_ARGCHK(outlen != NULL);

   /* header is at least 3 bytes */
   if (inlen < 3) {
      return CRYPT_INVALID_PACKET;
   }

   /* must be room for at least two words */
   if (*outlen < 2) {
      *outlen = 2;
      return CRYPT_BUFFER_OVERFLOW;
   }

   /* decode the packet header */
   x = 0;
   if ((in[x++] & 0x1F) != 0x06) {
      return CRYPT_INVALID_PACKET;
   }

   /* get the length */
   if (in[x] < 128) {
      len = in[x++];
   } else {
      if (in[x] < 0x81 || in[x] > 0x82) {
         return CRYPT_INVALID_PACKET;
      }
      y   = in[x++] & 0x7F;
      len = 0;
      while (y--) {
         len = (len << 8) | (unsigned long)in[x++];
      }
   }

   if (len < 1 || (len + x) > inlen) {
      return CRYPT_INVALID_PACKET;
   }

   /* decode words */
   y = 0;
   t = 0;
   while (len--) {
      t = (t << 7) | (in[x] & 0x7F);
      if (!(in[x++] & 0x80)) {
         /* store t */
         if (y >= *outlen) {
            y++;
         } else {
            if (y == 0) {
               words[0] = t / 40;
               words[1] = t % 40;
               y = 2;
            } else {
               words[y++] = t;
            }
         }
         t = 0;
      }
   }

   if (y > *outlen) {
      err =  CRYPT_BUFFER_OVERFLOW;
   } else {
      err =  CRYPT_OK;
   }

   *outlen = y;
   return err;
}

#endif

/* ref:         $Format:%D$ */
/* git commit:  $Format:%H$ */
/* commit time: $Format:%ai$ */