MYCrypto: MYBERParser.m@90a70925562b (annotated)

jens@16	1	//
jens@16	2	// MYBERParser.m
jens@16	3	// MYCrypto
jens@16	4	//
jens@16	5	// Created by Jens Alfke on 6/2/09.
jens@16	6	// Copyright 2009 Jens Alfke. All rights reserved.
jens@16	7	//
jens@16	8
jens@16	9	#import "MYBERParser.h"
jens@16	10	#import "MYASN1Object.h"
jens@16	11	#import "MYOID.h"
jens@16	12	#import "MYErrorUtils.h"
jens@16	13	#import "CollectionUtils.h"
jens@16	14	#import "Test.h"
jens@16	15
jens@16	16
jens@16	17	#define MYBERParserException @"MYBERParserException"
jens@16	18
jens@16	19
jens@16	20
jens@16	21	typedef struct {
jens@17	22	unsigned tag :5;
jens@17	23	unsigned isConstructed :1;
jens@17	24	unsigned tagClass :2;
jens@17	25	unsigned length :7;
jens@17	26	unsigned isLengthLong :1;
jens@17	27	} BERHeader;
jens@17	28
jens@17	29	typedef struct {
jens@16	30	const uint8_t *nextChar;
jens@16	31	size_t length;
jens@16	32	} InputData;
jens@16	33
jens@16	34
jens@16	35	static void requireLength (size_t length, size_t expectedLength) {
jens@16	36	if (length != expectedLength)
jens@16	37	[NSException raise: MYBERParserException format: @"Unexpected value length"];
jens@16	38	}
jens@16	39
jens@16	40
jens@16	41	static const void* readOrDie (InputData *input, size_t len) {
jens@16	42	if (len > input->length)
jens@16	43	[NSException raise: MYBERParserException format: @"Unexpected EOF on input"];
jens@16	44	const void *bytes = input->nextChar;
jens@16	45	input->nextChar += len;
jens@16	46	input->length -= len;
jens@16	47	return bytes;
jens@16	48	}
jens@16	49
jens@16	50
jens@16	51	static NSData* readDataOrDie(InputData *input, size_t length) {
jens@16	52	return [NSMutableData dataWithBytes: readOrDie(input,length) length: length];
jens@16	53	}
jens@16	54
jens@16	55
jens@16	56	static NSString* readStringOrDie(InputData *input, size_t length, NSStringEncoding encoding) {
jens@16	57	NSString *str = [[NSString alloc] initWithBytes: readOrDie(input,length)
jens@16	58	length: length
jens@16	59	encoding: encoding];
jens@16	60	if (!str)
jens@16	61	[NSException raise: MYBERParserException format: @"Unparseable string"];
jens@16	62	return [str autorelease];
jens@16	63	}
jens@16	64
jens@16	65
jens@16	66	static uint32_t readBigEndianUnsignedInteger (InputData *input, size_t length) {
jens@16	67	if (length == 0 \|\| length > 4)
jens@16	68	[NSException raise: MYBERParserException format: @"Invalid integer length"];
jens@16	69	uint32_t result = 0;
jens@16	70	memcpy(((uint8_t*)&result)+(4-length), readOrDie(input, length), length);
jens@16	71	return result;
jens@16	72	}
jens@16	73
jens@16	74	static int32_t readBigEndianSignedInteger (InputData *input, size_t length) {
jens@16	75	int32_t result = (int32_t) readBigEndianUnsignedInteger(input,length);
jens@16	76	uint8_t dst = ((uint8_t)&result)+(4-length);
jens@16	77	if (*dst & 0x80) { // sign-extend negative value
jens@16	78	while (--dst >= (uint8_t*)&result)
jens@16	79	*dst = 0xFF;
jens@16	80	}
jens@16	81	return result;
jens@16	82	}
jens@16	83
jens@16	84
jens@16	85	NSDateFormatter* MYBERGeneralizedTimeFormatter() {
jens@16	86	static NSDateFormatter *sFmt;
jens@16	87	if (!sFmt) {
jens@16	88	sFmt = [[NSDateFormatter alloc] init];
jens@16	89	sFmt.dateFormat = @"yyyyMMddHHmmss'Z'";
jens@16	90	sFmt.timeZone = [NSTimeZone timeZoneWithName: @"GMT"];
jens@16	91	}
jens@16	92	return sFmt;
jens@16	93	}
jens@16	94
jens@16	95	NSDateFormatter* MYBERUTCTimeFormatter() {
jens@16	96	static NSDateFormatter *sFmt;
jens@16	97	if (!sFmt) {
jens@16	98	sFmt = [[NSDateFormatter alloc] init];
jens@16	99	sFmt.dateFormat = @"yyMMddHHmmss'Z'";
jens@16	100	sFmt.timeZone = [NSTimeZone timeZoneWithName: @"GMT"];
jens@16	101	}
jens@16	102	return sFmt;
jens@16	103	}
jens@16	104
jens@16	105	static NSDate* parseDate (NSString *dateStr, unsigned tag) {
jens@16	106	NSDateFormatter *fmt = (tag==23 ?MYBERUTCTimeFormatter() :MYBERGeneralizedTimeFormatter());
jens@16	107	NSDate *date = [fmt dateFromString: dateStr];
jens@16	108	if (!date)
jens@16	109	[NSException raise: MYBERParserException format: @"Unparseable date '%@'", dateStr];
jens@16	110	return date;
jens@16	111	}
jens@16	112
jens@16	113
jens@17	114	static size_t readHeader(InputData input, BERHeader header) {
jens@17	115	memcpy(header, readOrDie(input,2), 2);
jens@17	116	if (header->tag == 0x1F)
jens@17	117	[NSException raise: MYBERParserException format: @"Long tags not supported"];
jens@17	118	if (!header->isLengthLong)
jens@17	119	return header->length;
jens@17	120	else {
jens@17	121	if (header->length == 0)
jens@17	122	[NSException raise: MYBERParserException format: @"Indefinite length not supported"];
jens@17	123	return NSSwapBigIntToHost(readBigEndianUnsignedInteger(input,header->length));
jens@17	124	}
jens@17	125	}
jens@17	126
jens@17	127
jens@16	128	static id parseBER(InputData *input) {
jens@17	129	BERHeader header;
jens@17	130	size_t length = readHeader(input,&header);
jens@16	131
jens@16	132	Class defaultClass = [MYASN1Object class];
jens@16	133
jens@16	134	// Tag values can be found in <Security/x509defs.h>. I'm not using them here because that
jens@16	135	// header does not exist on iPhone!
jens@16	136
jens@16	137	if (header.isConstructed) {
jens@16	138	// Constructed:
jens@16	139	NSMutableArray *items = $marray();
jens@16	140	InputData subInput = {input->nextChar, length};
jens@16	141	while (subInput.length > 0) {
jens@16	142	[items addObject: parseBER(&subInput)];
jens@16	143	}
jens@16	144	input->nextChar += length;
jens@16	145	input->length -= length;
jens@16	146
jens@16	147	switch (header.tag) {
jens@16	148	case 16: // sequence
jens@16	149	return items;
jens@16	150	case 17: // set
jens@16	151	return [NSSet setWithArray: items];
jens@16	152	default:
jens@16	153	return [[[MYASN1Object alloc] initWithTag: header.tag
jens@16	154	ofClass: header.tagClass
jens@16	155	components: items] autorelease];
jens@16	156	}
jens@16	157	} else {
jens@16	158	// Primitive:
jens@16	159	switch (header.tag) {
jens@16	160	case 1: { // boolean
jens@16	161	requireLength(length,1);
jens@16	162	return (const uint8_t)readOrDie(input, 1) ?$true :$false;
jens@16	163	}
jens@16	164	case 2: // integer
jens@16	165	case 10: // enum
jens@16	166	{
jens@16	167	if (length <= 4) {
jens@16	168	int32_t value = NSSwapBigIntToHost(readBigEndianSignedInteger(input,length));
jens@16	169	return [NSNumber numberWithInteger: value];
jens@16	170	} else {
jens@16	171	// Big integer!
jens@16	172	defaultClass = [MYASN1BigInteger class];
jens@16	173	break;
jens@16	174	}
jens@16	175	}
jens@16	176	case 3: // bitstring
jens@16	177	{
jens@16	178	UInt8 unusedBits = (const UInt8) readOrDie(input, 1);
jens@16	179	if (unusedBits)
jens@16	180	Log(@"Bit-string has %u unused bits", (unsigned)unusedBits);
jens@16	181	if (unusedBits > 7 \|\| length < 1)
jens@16	182	[NSException raise: MYBERParserException format: @"Bogus bit-string"];
jens@16	183	return [[[MYBitString alloc] initWithBits: readDataOrDie(input, length-1)
jens@16	184	count: 8*(length-1) - unusedBits] autorelease];
jens@16	185	}
jens@16	186	case 4: // octetstring
jens@16	187	return readDataOrDie(input, length);
jens@16	188	case 5: // null
jens@16	189	requireLength(length,0);
jens@16	190	return [NSNull null];
jens@16	191	case 6: // OID
jens@16	192	return [[[MYOID alloc] initWithBEREncoding: readDataOrDie(input, length)] autorelease];
jens@16	193	case 12: // UTF8String
jens@16	194	return readStringOrDie(input,length,NSUTF8StringEncoding);
jens@16	195	case 18: // numeric string
jens@16	196	case 19: // printable string:
jens@16	197	return readStringOrDie(input,length,NSASCIIStringEncoding);
jens@16	198	case 23: // UTC time:
jens@16	199	case 24: // Generalized time:
jens@16	200	return parseDate(readStringOrDie(input,length,NSASCIIStringEncoding), header.tag);
jens@16	201	default:
jens@16	202	break;
jens@16	203	}
jens@16	204	}
jens@16	205
jens@16	206	// Generic case -- create and return a MYASN1Object:
jens@16	207	NSData *value = readDataOrDie(input, length);
jens@16	208	id result = [[[defaultClass alloc] initWithTag: header.tag
jens@16	209	ofClass: header.tagClass
jens@16	210	constructed: header.isConstructed
jens@16	211	value: value] autorelease];
jens@16	212	if( defaultClass == [MYASN1Object class])
jens@16	213	Warn(@"parseBER: Returning default %@", result);
jens@16	214	return result;
jens@16	215	}
jens@17	216
jens@17	217
jens@17	218	static void exceptionToError (NSException x, NSError *outError) {
jens@17	219	if ($equal(x.name, MYBERParserException)) {
jens@17	220	if (outError)
jens@17	221	*outError = MYError(1,MYASN1ErrorDomain, @"%@", x.reason);
jens@17	222	} else {
jens@17	223	@throw(x);
jens@17	224	}
jens@17	225	}
jens@16	226
jens@16	227
jens@16	228	id MYBERParse (NSData ber, NSError *outError) {
jens@16	229	@try{
jens@16	230	InputData input = {ber.bytes, ber.length};
jens@16	231	return parseBER(&input);
jens@16	232	}@catch (NSException *x) {
jens@17	233	exceptionToError(x,outError);
jens@16	234	}
jens@16	235	return nil;
jens@16	236	}
jens@16	237
jens@16	238
jens@17	239	size_t MYBERGetLength (NSData ber, NSError *outError) {
jens@17	240	@try{
jens@17	241	InputData input = {ber.bytes, ber.length};
jens@17	242	BERHeader header;
jens@17	243	return readHeader(&input,&header);
jens@17	244	}@catch (NSException *x) {
jens@17	245	exceptionToError(x,outError);
jens@17	246	}
jens@17	247	return 0;
jens@17	248	}
jens@17	249
jens@17	250	const void* MYBERGetContents (NSData ber, NSError *outError) {
jens@17	251	@try{
jens@17	252	InputData input = {ber.bytes, ber.length};
jens@17	253	BERHeader header;
jens@17	254	readHeader(&input,&header);
jens@17	255	return input.nextChar;
jens@17	256	}@catch (NSException *x) {
jens@17	257	exceptionToError(x,outError);
jens@17	258	}
jens@17	259	return NULL;
jens@17	260	}
jens@17	261
jens@16	262
jens@16	263
jens@16	264	#pragma mark -
jens@16	265	#pragma mark TEST CASES:
jens@16	266
jens@16	267
jens@16	268	#define $data(BYTES...) ({const uint8_t bytes[] = {BYTES}; [NSData dataWithBytes: bytes length: sizeof(bytes)];})
jens@16	269
jens@16	270	TestCase(ParseBER) {
jens@16	271	CAssertEqual(MYBERParse($data(0x05, 0x00), nil),
jens@16	272	[NSNull null]);
jens@16	273	CAssertEqual(MYBERParse($data(0x01, 0x01, 0xFF), nil),
jens@16	274	$true);
jens@16	275	CAssertEqual(MYBERParse($data(0x01, 0x01, 0x00), nil),
jens@16	276	$false);
jens@16	277
jens@16	278	// integers:
jens@16	279	CAssertEqual(MYBERParse($data(0x02, 0x01, 0x00), nil),
jens@16	280	$object(0));
jens@16	281	CAssertEqual(MYBERParse($data(0x02, 0x01, 0x48), nil),
jens@16	282	$object(72));
jens@16	283	CAssertEqual(MYBERParse($data(0x02, 0x01, 0x80), nil),
jens@16	284	$object(-128));
jens@16	285	CAssertEqual(MYBERParse($data(0x02, 0x02, 0x00, 0x80), nil),
jens@16	286	$object(128));
jens@16	287	CAssertEqual(MYBERParse($data(0x02, 0x02, 0x30,0x39), nil),
jens@16	288	$object(12345));
jens@16	289	CAssertEqual(MYBERParse($data(0x02, 0x02, 0xCF, 0xC7), nil),
jens@16	290	$object(-12345));
jens@16	291	CAssertEqual(MYBERParse($data(0x02, 0x04, 0x07, 0x5B, 0xCD, 0x15), nil),
jens@16	292	$object(123456789));
jens@16	293	CAssertEqual(MYBERParse($data(0x02, 0x04, 0xF8, 0xA4, 0x32, 0xEB), nil),
jens@16	294	$object(-123456789));
jens@16	295	CAssertEqual(MYBERParse($data(0x02, 0x04, 0xF8, 0xA4, 0x32, 0xEB), nil),
jens@16	296	$object(-123456789));
jens@16	297
jens@16	298	// octet strings:
jens@16	299	CAssertEqual(MYBERParse($data(0x04, 0x05, 'h', 'e', 'l', 'l', 'o'), nil),
jens@16	300	[@"hello" dataUsingEncoding: NSASCIIStringEncoding]);
jens@16	301	CAssertEqual(MYBERParse($data(0x04, 0x00), nil),
jens@16	302	[NSData data]);
jens@16	303	CAssertEqual(MYBERParse($data(0x0C, 0x05, 'h', 'e', 'l', 'l', 'o'), nil),
jens@16	304	@"hello");
jens@16	305
jens@16	306	// sequences:
jens@16	307	CAssertEqual(MYBERParse($data(0x30, 0x06, 0x02, 0x01, 0x48, 0x01, 0x01, 0xFF), nil),
jens@16	308	$array($object(72), $true));
jens@16	309	CAssertEqual(MYBERParse($data(0x30, 0x10,
jens@16	310	0x30, 0x06, 0x02, 0x01, 0x48, 0x01, 0x01, 0xFF,
jens@16	311	0x30, 0x06, 0x02, 0x01, 0x48, 0x01, 0x01, 0xFF), nil),
jens@16	312	$array( $array($object(72), $true), $array($object(72), $true)));
jens@16	313	}
jens@16	314
jens@16	315
jens@17	316	#import "MYCertificate.h"
jens@17	317	#import "MYPublicKey.h"
jens@17	318
jens@16	319	TestCase(ParseCert) {
jens@16	320	NSData *cert = [NSData dataWithContentsOfFile: @"../../Tests/selfsigned.cer"];
jens@16	321	NSError *error = nil;
jens@16	322	id parsed = MYBERParse(cert,&error);
jens@16	323	CAssert(parsed);
jens@16	324	CAssertNil(error);
jens@16	325	NSString *dump = [MYASN1Object dump: parsed];
jens@16	326	CAssert(dump);
jens@17	327	Log(@"Parsed selfsigned.cer:\n%@", dump);
jens@17	328
jens@17	329	MYCertificate *myCert = [[MYCertificate alloc] initWithCertificateData: cert];
jens@17	330	CAssert(myCert);
jens@17	331	const CSSM_KEY *pubKey = myCert.publicKey.cssmKey;
jens@17	332	CSSM_DATA pubKeyData = pubKey->KeyData;
jens@17	333	id parsedPubKey = MYBERParse([NSData dataWithBytes: pubKeyData.Data length: pubKeyData.Length],NULL);
jens@17	334	Log(@"Parsed public key:\n%@", [MYASN1Object dump: parsedPubKey]);
jens@16	335
jens@16	336	cert = [NSData dataWithContentsOfFile: @"../../Tests/iphonedev.cer"];
jens@16	337	parsed = MYBERParse(cert,&error);
jens@16	338	CAssert(parsed);
jens@16	339	CAssertNil(error);
jens@16	340	dump = [MYASN1Object dump: parsed];
jens@16	341	CAssert(dump);
jens@16	342	}

author	Jens Alfke <jens@mooseyard.com>
	Wed Jun 03 17:20:53 2009 -0700 (2009-06-03)
changeset 17	90a70925562b
parent 16	c409dbc4f068
child 19	f6c91b9da05b
permissions	-rw-r--r--