1 /** 2 * \file asn1.h 3 * 4 * \brief Generic ASN.1 parsing 5 */ 6 /* 7 * Copyright The Mbed TLS Contributors 8 * SPDX-License-Identifier: Apache-2.0 9 * 10 * Licensed under the Apache License, Version 2.0 (the "License"); you may 11 * not use this file except in compliance with the License. 12 * You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, software 17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 * See the License for the specific language governing permissions and 20 * limitations under the License. 21 */ 22 #ifndef MBEDTLS_ASN1_H 23 #define MBEDTLS_ASN1_H 24 #include "mbedtls/private_access.h" 25 26 #include "mbedtls/build_info.h" 27 28 #include <stddef.h> 29 30 #if defined(MBEDTLS_BIGNUM_C) 31 #include "mbedtls/bignum.h" 32 #endif 33 34 /** 35 * \addtogroup asn1_module 36 * \{ 37 */ 38 39 /** 40 * \name ASN1 Error codes 41 * These error codes are OR'ed to X509 error codes for 42 * higher error granularity. 43 * ASN1 is a standard to specify data structures. 44 * \{ 45 */ 46 #define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */ 47 #define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ 48 #define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ 49 #define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ 50 #define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. */ 51 #define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A /**< Memory allocation failed */ 52 #define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ 53 54 /* \} name */ 55 56 /** 57 * \name DER constants 58 * These constants comply with the DER encoded ASN.1 type tags. 59 * DER encoding uses hexadecimal representation. 60 * An example DER sequence is:\n 61 * - 0x02 -- tag indicating INTEGER 62 * - 0x01 -- length in octets 63 * - 0x05 -- value 64 * Such sequences are typically read into \c ::mbedtls_x509_buf. 65 * \{ 66 */ 67 #define MBEDTLS_ASN1_BOOLEAN 0x01 68 #define MBEDTLS_ASN1_INTEGER 0x02 69 #define MBEDTLS_ASN1_BIT_STRING 0x03 70 #define MBEDTLS_ASN1_OCTET_STRING 0x04 71 #define MBEDTLS_ASN1_NULL 0x05 72 #define MBEDTLS_ASN1_OID 0x06 73 #define MBEDTLS_ASN1_ENUMERATED 0x0A 74 #define MBEDTLS_ASN1_UTF8_STRING 0x0C 75 #define MBEDTLS_ASN1_SEQUENCE 0x10 76 #define MBEDTLS_ASN1_SET 0x11 77 #define MBEDTLS_ASN1_PRINTABLE_STRING 0x13 78 #define MBEDTLS_ASN1_T61_STRING 0x14 79 #define MBEDTLS_ASN1_IA5_STRING 0x16 80 #define MBEDTLS_ASN1_UTC_TIME 0x17 81 #define MBEDTLS_ASN1_GENERALIZED_TIME 0x18 82 #define MBEDTLS_ASN1_UNIVERSAL_STRING 0x1C 83 #define MBEDTLS_ASN1_BMP_STRING 0x1E 84 #define MBEDTLS_ASN1_PRIMITIVE 0x00 85 #define MBEDTLS_ASN1_CONSTRUCTED 0x20 86 #define MBEDTLS_ASN1_CONTEXT_SPECIFIC 0x80 87 88 /* Slightly smaller way to check if tag is a string tag 89 * compared to canonical implementation. */ 90 #define MBEDTLS_ASN1_IS_STRING_TAG( tag ) \ 91 ( ( tag ) < 32u && ( \ 92 ( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING ) | \ 93 ( 1u << MBEDTLS_ASN1_UTF8_STRING ) | \ 94 ( 1u << MBEDTLS_ASN1_T61_STRING ) | \ 95 ( 1u << MBEDTLS_ASN1_IA5_STRING ) | \ 96 ( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) | \ 97 ( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) | \ 98 ( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) ) 99 100 /* 101 * Bit masks for each of the components of an ASN.1 tag as specified in 102 * ITU X.690 (08/2015), section 8.1 "General rules for encoding", 103 * paragraph 8.1.2.2: 104 * 105 * Bit 8 7 6 5 1 106 * +-------+-----+------------+ 107 * | Class | P/C | Tag number | 108 * +-------+-----+------------+ 109 */ 110 #define MBEDTLS_ASN1_TAG_CLASS_MASK 0xC0 111 #define MBEDTLS_ASN1_TAG_PC_MASK 0x20 112 #define MBEDTLS_ASN1_TAG_VALUE_MASK 0x1F 113 114 /* \} name */ 115 /* \} addtogroup asn1_module */ 116 117 /** Returns the size of the binary string, without the trailing \\0 */ 118 #define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1) 119 120 /** 121 * Compares an mbedtls_asn1_buf structure to a reference OID. 122 * 123 * Only works for 'defined' oid_str values (MBEDTLS_OID_HMAC_SHA1), you cannot use a 124 * 'unsigned char *oid' here! 125 */ 126 #define MBEDTLS_OID_CMP(oid_str, oid_buf) \ 127 ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \ 128 memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) 129 130 #define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \ 131 ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) || \ 132 memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 ) 133 134 #ifdef __cplusplus 135 extern "C" { 136 #endif 137 138 /** 139 * \name Functions to parse ASN.1 data structures 140 * \{ 141 */ 142 143 /** 144 * Type-length-value structure that allows for ASN1 using DER. 145 */ 146 typedef struct mbedtls_asn1_buf 147 { 148 int MBEDTLS_PRIVATE(tag); /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ 149 size_t MBEDTLS_PRIVATE(len); /**< ASN1 length, in octets. */ 150 unsigned char *MBEDTLS_PRIVATE(p); /**< ASN1 data, e.g. in ASCII. */ 151 } 152 mbedtls_asn1_buf; 153 154 /** 155 * Container for ASN1 bit strings. 156 */ 157 typedef struct mbedtls_asn1_bitstring 158 { 159 size_t MBEDTLS_PRIVATE(len); /**< ASN1 length, in octets. */ 160 unsigned char MBEDTLS_PRIVATE(unused_bits); /**< Number of unused bits at the end of the string */ 161 unsigned char *MBEDTLS_PRIVATE(p); /**< Raw ASN1 data for the bit string */ 162 } 163 mbedtls_asn1_bitstring; 164 165 /** 166 * Container for a sequence of ASN.1 items 167 */ 168 typedef struct mbedtls_asn1_sequence 169 { 170 mbedtls_asn1_buf MBEDTLS_PRIVATE(buf); /**< Buffer containing the given ASN.1 item. */ 171 struct mbedtls_asn1_sequence *MBEDTLS_PRIVATE(next); /**< The next entry in the sequence. */ 172 } 173 mbedtls_asn1_sequence; 174 175 /** 176 * Container for a sequence or list of 'named' ASN.1 data items 177 */ 178 typedef struct mbedtls_asn1_named_data 179 { 180 mbedtls_asn1_buf MBEDTLS_PRIVATE(oid); /**< The object identifier. */ 181 mbedtls_asn1_buf MBEDTLS_PRIVATE(val); /**< The named value. */ 182 struct mbedtls_asn1_named_data *MBEDTLS_PRIVATE(next); /**< The next entry in the sequence. */ 183 unsigned char MBEDTLS_PRIVATE(next_merged); /**< Merge next item into the current one? */ 184 } 185 mbedtls_asn1_named_data; 186 187 /** 188 * \brief Get the length of an ASN.1 element. 189 * Updates the pointer to immediately behind the length. 190 * 191 * \param p On entry, \c *p points to the first byte of the length, 192 * i.e. immediately after the tag. 193 * On successful completion, \c *p points to the first byte 194 * after the length, i.e. the first byte of the content. 195 * On error, the value of \c *p is undefined. 196 * \param end End of data. 197 * \param len On successful completion, \c *len contains the length 198 * read from the ASN.1 input. 199 * 200 * \return 0 if successful. 201 * \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element 202 * would end beyond \p end. 203 * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable. 204 */ 205 int mbedtls_asn1_get_len( unsigned char **p, 206 const unsigned char *end, 207 size_t *len ); 208 209 /** 210 * \brief Get the tag and length of the element. 211 * Check for the requested tag. 212 * Updates the pointer to immediately behind the tag and length. 213 * 214 * \param p On entry, \c *p points to the start of the ASN.1 element. 215 * On successful completion, \c *p points to the first byte 216 * after the length, i.e. the first byte of the content. 217 * On error, the value of \c *p is undefined. 218 * \param end End of data. 219 * \param len On successful completion, \c *len contains the length 220 * read from the ASN.1 input. 221 * \param tag The expected tag. 222 * 223 * \return 0 if successful. 224 * \return #MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if the data does not start 225 * with the requested tag. 226 * \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element 227 * would end beyond \p end. 228 * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable. 229 */ 230 int mbedtls_asn1_get_tag( unsigned char **p, 231 const unsigned char *end, 232 size_t *len, int tag ); 233 234 /** 235 * \brief Retrieve a boolean ASN.1 tag and its value. 236 * Updates the pointer to immediately behind the full tag. 237 * 238 * \param p On entry, \c *p points to the start of the ASN.1 element. 239 * On successful completion, \c *p points to the first byte 240 * beyond the ASN.1 element. 241 * On error, the value of \c *p is undefined. 242 * \param end End of data. 243 * \param val On success, the parsed value (\c 0 or \c 1). 244 * 245 * \return 0 if successful. 246 * \return An ASN.1 error code if the input does not start with 247 * a valid ASN.1 BOOLEAN. 248 */ 249 int mbedtls_asn1_get_bool( unsigned char **p, 250 const unsigned char *end, 251 int *val ); 252 253 /** 254 * \brief Retrieve an integer ASN.1 tag and its value. 255 * Updates the pointer to immediately behind the full tag. 256 * 257 * \param p On entry, \c *p points to the start of the ASN.1 element. 258 * On successful completion, \c *p points to the first byte 259 * beyond the ASN.1 element. 260 * On error, the value of \c *p is undefined. 261 * \param end End of data. 262 * \param val On success, the parsed value. 263 * 264 * \return 0 if successful. 265 * \return An ASN.1 error code if the input does not start with 266 * a valid ASN.1 INTEGER. 267 * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does 268 * not fit in an \c int. 269 */ 270 int mbedtls_asn1_get_int( unsigned char **p, 271 const unsigned char *end, 272 int *val ); 273 274 /** 275 * \brief Retrieve an enumerated ASN.1 tag and its value. 276 * Updates the pointer to immediately behind the full tag. 277 * 278 * \param p On entry, \c *p points to the start of the ASN.1 element. 279 * On successful completion, \c *p points to the first byte 280 * beyond the ASN.1 element. 281 * On error, the value of \c *p is undefined. 282 * \param end End of data. 283 * \param val On success, the parsed value. 284 * 285 * \return 0 if successful. 286 * \return An ASN.1 error code if the input does not start with 287 * a valid ASN.1 ENUMERATED. 288 * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does 289 * not fit in an \c int. 290 */ 291 int mbedtls_asn1_get_enum( unsigned char **p, 292 const unsigned char *end, 293 int *val ); 294 295 /** 296 * \brief Retrieve a bitstring ASN.1 tag and its value. 297 * Updates the pointer to immediately behind the full tag. 298 * 299 * \param p On entry, \c *p points to the start of the ASN.1 element. 300 * On successful completion, \c *p is equal to \p end. 301 * On error, the value of \c *p is undefined. 302 * \param end End of data. 303 * \param bs On success, ::mbedtls_asn1_bitstring information about 304 * the parsed value. 305 * 306 * \return 0 if successful. 307 * \return #MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the input contains 308 * extra data after a valid BIT STRING. 309 * \return An ASN.1 error code if the input does not start with 310 * a valid ASN.1 BIT STRING. 311 */ 312 int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, 313 mbedtls_asn1_bitstring *bs ); 314 315 /** 316 * \brief Retrieve a bitstring ASN.1 tag without unused bits and its 317 * value. 318 * Updates the pointer to the beginning of the bit/octet string. 319 * 320 * \param p On entry, \c *p points to the start of the ASN.1 element. 321 * On successful completion, \c *p points to the first byte 322 * of the content of the BIT STRING. 323 * On error, the value of \c *p is undefined. 324 * \param end End of data. 325 * \param len On success, \c *len is the length of the content in bytes. 326 * 327 * \return 0 if successful. 328 * \return #MBEDTLS_ERR_ASN1_INVALID_DATA if the input starts with 329 * a valid BIT STRING with a nonzero number of unused bits. 330 * \return An ASN.1 error code if the input does not start with 331 * a valid ASN.1 BIT STRING. 332 */ 333 int mbedtls_asn1_get_bitstring_null( unsigned char **p, 334 const unsigned char *end, 335 size_t *len ); 336 337 /** 338 * \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>". 339 * Updates the pointer to immediately behind the full sequence tag. 340 * 341 * This function allocates memory for the sequence elements. You can free 342 * the allocated memory with mbedtls_asn1_sequence_free(). 343 * 344 * \note On error, this function may return a partial list in \p cur. 345 * You must set `cur->next = NULL` before calling this function! 346 * Otherwise it is impossible to distinguish a previously non-null 347 * pointer from a pointer to an object allocated by this function. 348 * 349 * \note If the sequence is empty, this function does not modify 350 * \c *cur. If the sequence is valid and non-empty, this 351 * function sets `cur->buf.tag` to \p tag. This allows 352 * callers to distinguish between an empty sequence and 353 * a one-element sequence. 354 * 355 * \param p On entry, \c *p points to the start of the ASN.1 element. 356 * On successful completion, \c *p is equal to \p end. 357 * On error, the value of \c *p is undefined. 358 * \param end End of data. 359 * \param cur A ::mbedtls_asn1_sequence which this function fills. 360 * When this function returns, \c *cur is the head of a linked 361 * list. Each node in this list is allocated with 362 * mbedtls_calloc() apart from \p cur itself, and should 363 * therefore be freed with mbedtls_free(). 364 * The list describes the content of the sequence. 365 * The head of the list (i.e. \c *cur itself) describes the 366 * first element, `*cur->next` describes the second element, etc. 367 * For each element, `buf.tag == tag`, `buf.len` is the length 368 * of the content of the content of the element, and `buf.p` 369 * points to the first byte of the content (i.e. immediately 370 * past the length of the element). 371 * Note that list elements may be allocated even on error. 372 * \param tag Each element of the sequence must have this tag. 373 * 374 * \return 0 if successful. 375 * \return #MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the input contains 376 * extra data after a valid SEQUENCE OF \p tag. 377 * \return #MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if the input starts with 378 * an ASN.1 SEQUENCE in which an element has a tag that 379 * is different from \p tag. 380 * \return #MBEDTLS_ERR_ASN1_ALLOC_FAILED if a memory allocation failed. 381 * \return An ASN.1 error code if the input does not start with 382 * a valid ASN.1 SEQUENCE. 383 */ 384 int mbedtls_asn1_get_sequence_of( unsigned char **p, 385 const unsigned char *end, 386 mbedtls_asn1_sequence *cur, 387 int tag ); 388 /** 389 * \brief Free a heap-allocated linked list presentation of 390 * an ASN.1 sequence, including the first element. 391 * 392 * There are two common ways to manage the memory used for the representation 393 * of a parsed ASN.1 sequence: 394 * - Allocate a head node `mbedtls_asn1_sequence *head` with mbedtls_calloc(). 395 * Pass this node as the `cur` argument to mbedtls_asn1_get_sequence_of(). 396 * When you have finished processing the sequence, 397 * call mbedtls_asn1_sequence_free() on `head`. 398 * - Allocate a head node `mbedtls_asn1_sequence *head` in any manner, 399 * for example on the stack. Make sure that `head->next == NULL`. 400 * Pass `head` as the `cur` argument to mbedtls_asn1_get_sequence_of(). 401 * When you have finished processing the sequence, 402 * call mbedtls_asn1_sequence_free() on `head->cur`, 403 * then free `head` itself in the appropriate manner. 404 * 405 * \param seq The address of the first sequence component. This may 406 * be \c NULL, in which case this functions returns 407 * immediately. 408 */ 409 void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); 410 411 /** 412 * \brief Traverse an ASN.1 SEQUENCE container and 413 * call a callback for each entry. 414 * 415 * This function checks that the input is a SEQUENCE of elements that 416 * each have a "must" tag, and calls a callback function on the elements 417 * that have a "may" tag. 418 * 419 * For example, to validate that the input is a SEQUENCE of `tag1` and call 420 * `cb` on each element, use 421 * ``` 422 * mbedtls_asn1_traverse_sequence_of(&p, end, 0xff, tag1, 0, 0, cb, ctx); 423 * ``` 424 * 425 * To validate that the input is a SEQUENCE of ANY and call `cb` on 426 * each element, use 427 * ``` 428 * mbedtls_asn1_traverse_sequence_of(&p, end, 0, 0, 0, 0, cb, ctx); 429 * ``` 430 * 431 * To validate that the input is a SEQUENCE of CHOICE {NULL, OCTET STRING} 432 * and call `cb` on each element that is an OCTET STRING, use 433 * ``` 434 * mbedtls_asn1_traverse_sequence_of(&p, end, 0xfe, 0x04, 0xff, 0x04, cb, ctx); 435 * ``` 436 * 437 * The callback is called on the elements with a "may" tag from left to 438 * right. If the input is not a valid SEQUENCE of elements with a "must" tag, 439 * the callback is called on the elements up to the leftmost point where 440 * the input is invalid. 441 * 442 * \warning This function is still experimental and may change 443 * at any time. 444 * 445 * \param p The address of the pointer to the beginning of 446 * the ASN.1 SEQUENCE header. This is updated to 447 * point to the end of the ASN.1 SEQUENCE container 448 * on a successful invocation. 449 * \param end The end of the ASN.1 SEQUENCE container. 450 * \param tag_must_mask A mask to be applied to the ASN.1 tags found within 451 * the SEQUENCE before comparing to \p tag_must_value. 452 * \param tag_must_val The required value of each ASN.1 tag found in the 453 * SEQUENCE, after masking with \p tag_must_mask. 454 * Mismatching tags lead to an error. 455 * For example, a value of \c 0 for both \p tag_must_mask 456 * and \p tag_must_val means that every tag is allowed, 457 * while a value of \c 0xFF for \p tag_must_mask means 458 * that \p tag_must_val is the only allowed tag. 459 * \param tag_may_mask A mask to be applied to the ASN.1 tags found within 460 * the SEQUENCE before comparing to \p tag_may_value. 461 * \param tag_may_val The desired value of each ASN.1 tag found in the 462 * SEQUENCE, after masking with \p tag_may_mask. 463 * Mismatching tags will be silently ignored. 464 * For example, a value of \c 0 for \p tag_may_mask and 465 * \p tag_may_val means that any tag will be considered, 466 * while a value of \c 0xFF for \p tag_may_mask means 467 * that all tags with value different from \p tag_may_val 468 * will be ignored. 469 * \param cb The callback to trigger for each component 470 * in the ASN.1 SEQUENCE that matches \p tag_may_val. 471 * The callback function is called with the following 472 * parameters: 473 * - \p ctx. 474 * - The tag of the current element. 475 * - A pointer to the start of the current element's 476 * content inside the input. 477 * - The length of the content of the current element. 478 * If the callback returns a non-zero value, 479 * the function stops immediately, 480 * forwarding the callback's return value. 481 * \param ctx The context to be passed to the callback \p cb. 482 * 483 * \return \c 0 if successful the entire ASN.1 SEQUENCE 484 * was traversed without parsing or callback errors. 485 * \return #MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the input 486 * contains extra data after a valid SEQUENCE 487 * of elements with an accepted tag. 488 * \return #MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if the input starts 489 * with an ASN.1 SEQUENCE in which an element has a tag 490 * that is not accepted. 491 * \return An ASN.1 error code if the input does not start with 492 * a valid ASN.1 SEQUENCE. 493 * \return A non-zero error code forwarded from the callback 494 * \p cb in case the latter returns a non-zero value. 495 */ 496 int mbedtls_asn1_traverse_sequence_of( 497 unsigned char **p, 498 const unsigned char *end, 499 unsigned char tag_must_mask, unsigned char tag_must_val, 500 unsigned char tag_may_mask, unsigned char tag_may_val, 501 int (*cb)( void *ctx, int tag, 502 unsigned char* start, size_t len ), 503 void *ctx ); 504 505 #if defined(MBEDTLS_BIGNUM_C) 506 /** 507 * \brief Retrieve an integer ASN.1 tag and its value. 508 * Updates the pointer to immediately behind the full tag. 509 * 510 * \param p On entry, \c *p points to the start of the ASN.1 element. 511 * On successful completion, \c *p points to the first byte 512 * beyond the ASN.1 element. 513 * On error, the value of \c *p is undefined. 514 * \param end End of data. 515 * \param X On success, the parsed value. 516 * 517 * \return 0 if successful. 518 * \return An ASN.1 error code if the input does not start with 519 * a valid ASN.1 INTEGER. 520 * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does 521 * not fit in an \c int. 522 * \return An MPI error code if the parsed value is too large. 523 */ 524 int mbedtls_asn1_get_mpi( unsigned char **p, 525 const unsigned char *end, 526 mbedtls_mpi *X ); 527 #endif /* MBEDTLS_BIGNUM_C */ 528 529 /** 530 * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence. 531 * Updates the pointer to immediately behind the full 532 * AlgorithmIdentifier. 533 * 534 * \param p On entry, \c *p points to the start of the ASN.1 element. 535 * On successful completion, \c *p points to the first byte 536 * beyond the AlgorithmIdentifier element. 537 * On error, the value of \c *p is undefined. 538 * \param end End of data. 539 * \param alg The buffer to receive the OID. 540 * \param params The buffer to receive the parameters. 541 * This is zeroized if there are no parameters. 542 * 543 * \return 0 if successful or a specific ASN.1 or MPI error code. 544 */ 545 int mbedtls_asn1_get_alg( unsigned char **p, 546 const unsigned char *end, 547 mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ); 548 549 /** 550 * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no 551 * params. 552 * Updates the pointer to immediately behind the full 553 * AlgorithmIdentifier. 554 * 555 * \param p On entry, \c *p points to the start of the ASN.1 element. 556 * On successful completion, \c *p points to the first byte 557 * beyond the AlgorithmIdentifier element. 558 * On error, the value of \c *p is undefined. 559 * \param end End of data. 560 * \param alg The buffer to receive the OID. 561 * 562 * \return 0 if successful or a specific ASN.1 or MPI error code. 563 */ 564 int mbedtls_asn1_get_alg_null( unsigned char **p, 565 const unsigned char *end, 566 mbedtls_asn1_buf *alg ); 567 568 /** 569 * \brief Find a specific named_data entry in a sequence or list based on 570 * the OID. 571 * 572 * \param list The list to seek through 573 * \param oid The OID to look for 574 * \param len Size of the OID 575 * 576 * \return NULL if not found, or a pointer to the existing entry. 577 */ 578 const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_named_data *list, 579 const char *oid, size_t len ); 580 581 /** 582 * \brief Free a mbedtls_asn1_named_data entry 583 * 584 * \param entry The named data entry to free. 585 * This function calls mbedtls_free() on 586 * `entry->oid.p` and `entry->val.p`. 587 */ 588 void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); 589 590 /** 591 * \brief Free all entries in a mbedtls_asn1_named_data list. 592 * 593 * \param head Pointer to the head of the list of named data entries to free. 594 * This function calls mbedtls_asn1_free_named_data() and 595 * mbedtls_free() on each list element and 596 * sets \c *head to \c NULL. 597 */ 598 void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ); 599 600 #ifdef __cplusplus 601 } 602 #endif 603 604 #endif /* asn1.h */ 605
