jens@16: // jens@16: // MYBERParser.m jens@16: // MYCrypto jens@16: // jens@16: // Created by Jens Alfke on 6/2/09. jens@16: // Copyright 2009 Jens Alfke. All rights reserved. jens@16: // jens@16: jens@20: // Reference: jens@20: // "Layman's Guide To ASN.1/BER/DER" jens@20: jens@16: #import "MYBERParser.h" jens@16: #import "MYASN1Object.h" jens@16: #import "MYOID.h" jens@16: #import "MYErrorUtils.h" jens@16: #import "CollectionUtils.h" jens@16: #import "Test.h" jens@16: jens@16: jens@16: #define MYBERParserException @"MYBERParserException" jens@16: jens@16: jens@16: jens@16: typedef struct { jens@17: unsigned tag :5; jens@17: unsigned isConstructed :1; jens@17: unsigned tagClass :2; jens@17: unsigned length :7; jens@17: unsigned isLengthLong :1; jens@17: } BERHeader; jens@17: jens@17: typedef struct { jens@16: const uint8_t *nextChar; jens@16: size_t length; jens@16: } InputData; jens@16: jens@16: jens@16: static void requireLength (size_t length, size_t expectedLength) { jens@16: if (length != expectedLength) jens@16: [NSException raise: MYBERParserException format: @"Unexpected value length"]; jens@16: } jens@16: jens@16: jens@16: static const void* readOrDie (InputData *input, size_t len) { jens@16: if (len > input->length) jens@16: [NSException raise: MYBERParserException format: @"Unexpected EOF on input"]; jens@16: const void *bytes = input->nextChar; jens@16: input->nextChar += len; jens@16: input->length -= len; jens@16: return bytes; jens@16: } jens@16: jens@16: jens@16: static NSData* readDataOrDie(InputData *input, size_t length) { jens@16: return [NSMutableData dataWithBytes: readOrDie(input,length) length: length]; jens@16: } jens@16: jens@16: jens@16: static NSString* readStringOrDie(InputData *input, size_t length, NSStringEncoding encoding) { jens@16: NSString *str = [[NSString alloc] initWithBytes: readOrDie(input,length) jens@16: length: length jens@16: encoding: encoding]; jens@16: if (!str) jens@16: [NSException raise: MYBERParserException format: @"Unparseable string"]; jens@16: return [str autorelease]; jens@16: } jens@16: jens@16: jens@16: static uint32_t readBigEndianUnsignedInteger (InputData *input, size_t length) { jens@16: if (length == 0 || length > 4) jens@16: [NSException raise: MYBERParserException format: @"Invalid integer length"]; jens@16: uint32_t result = 0; jens@16: memcpy(((uint8_t*)&result)+(4-length), readOrDie(input, length), length); jens@16: return result; jens@16: } jens@16: jens@16: static int32_t readBigEndianSignedInteger (InputData *input, size_t length) { jens@16: int32_t result = (int32_t) readBigEndianUnsignedInteger(input,length); jens@16: uint8_t *dst = ((uint8_t*)&result)+(4-length); jens@16: if (*dst & 0x80) { // sign-extend negative value jens@16: while (--dst >= (uint8_t*)&result) jens@16: *dst = 0xFF; jens@16: } jens@16: return result; jens@16: } jens@16: jens@16: jens@16: NSDateFormatter* MYBERGeneralizedTimeFormatter() { jens@16: static NSDateFormatter *sFmt; jens@16: if (!sFmt) { jens@16: sFmt = [[NSDateFormatter alloc] init]; jens@16: sFmt.dateFormat = @"yyyyMMddHHmmss'Z'"; jens@16: sFmt.timeZone = [NSTimeZone timeZoneWithName: @"GMT"]; jens@16: } jens@16: return sFmt; jens@16: } jens@16: jens@16: NSDateFormatter* MYBERUTCTimeFormatter() { jens@16: static NSDateFormatter *sFmt; jens@16: if (!sFmt) { jens@16: sFmt = [[NSDateFormatter alloc] init]; jens@16: sFmt.dateFormat = @"yyMMddHHmmss'Z'"; jens@16: sFmt.timeZone = [NSTimeZone timeZoneWithName: @"GMT"]; jens@16: } jens@16: return sFmt; jens@16: } jens@16: jens@16: static NSDate* parseDate (NSString *dateStr, unsigned tag) { jens@20: //FIX: There are more date formats possible; need to try them all. (see "Layman's Guide", 5.17) jens@16: NSDateFormatter *fmt = (tag==23 ?MYBERUTCTimeFormatter() :MYBERGeneralizedTimeFormatter()); jens@16: NSDate *date = [fmt dateFromString: dateStr]; jens@16: if (!date) jens@16: [NSException raise: MYBERParserException format: @"Unparseable date '%@'", dateStr]; jens@16: return date; jens@16: } jens@16: jens@16: jens@17: static size_t readHeader(InputData *input, BERHeader *header) { jens@17: memcpy(header, readOrDie(input,2), 2); jens@17: if (header->tag == 0x1F) jens@17: [NSException raise: MYBERParserException format: @"Long tags not supported"]; jens@17: if (!header->isLengthLong) jens@17: return header->length; jens@17: else { jens@17: if (header->length == 0) jens@17: [NSException raise: MYBERParserException format: @"Indefinite length not supported"]; jens@17: return NSSwapBigIntToHost(readBigEndianUnsignedInteger(input,header->length)); jens@17: } jens@17: } jens@17: jens@17: jens@16: static id parseBER(InputData *input) { jens@17: BERHeader header; jens@17: size_t length = readHeader(input,&header); jens@16: jens@16: Class defaultClass = [MYASN1Object class]; jens@16: jens@16: // Tag values can be found in . I'm not using them here because that jens@16: // header does not exist on iPhone! jens@16: jens@16: if (header.isConstructed) { jens@16: // Constructed: jens@16: NSMutableArray *items = $marray(); jens@16: InputData subInput = {input->nextChar, length}; jens@16: while (subInput.length > 0) { jens@16: [items addObject: parseBER(&subInput)]; jens@16: } jens@16: input->nextChar += length; jens@16: input->length -= length; jens@16: jens@16: switch (header.tag) { jens@16: case 16: // sequence jens@16: return items; jens@16: case 17: // set jens@16: return [NSSet setWithArray: items]; jens@16: default: jens@16: return [[[MYASN1Object alloc] initWithTag: header.tag jens@16: ofClass: header.tagClass jens@16: components: items] autorelease]; jens@16: } jens@16: } else { jens@16: // Primitive: jens@16: switch (header.tag) { jens@16: case 1: { // boolean jens@16: requireLength(length,1); jens@16: return *(const uint8_t*)readOrDie(input, 1) ?$true :$false; jens@16: } jens@16: case 2: // integer jens@16: case 10: // enum jens@16: { jens@16: if (length <= 4) { jens@16: int32_t value = NSSwapBigIntToHost(readBigEndianSignedInteger(input,length)); jens@16: return [NSNumber numberWithInteger: value]; jens@16: } else { jens@16: // Big integer! jens@16: defaultClass = [MYASN1BigInteger class]; jens@16: break; jens@16: } jens@16: } jens@16: case 3: // bitstring jens@16: { jens@16: UInt8 unusedBits = *(const UInt8*) readOrDie(input, 1); jens@16: if (unusedBits) jens@16: Log(@"Bit-string has %u unused bits", (unsigned)unusedBits); jens@16: if (unusedBits > 7 || length < 1) jens@16: [NSException raise: MYBERParserException format: @"Bogus bit-string"]; jens@16: return [[[MYBitString alloc] initWithBits: readDataOrDie(input, length-1) jens@16: count: 8*(length-1) - unusedBits] autorelease]; jens@16: } jens@16: case 4: // octetstring jens@16: return readDataOrDie(input, length); jens@16: case 5: // null jens@16: requireLength(length,0); jens@16: return [NSNull null]; jens@16: case 6: // OID jens@16: return [[[MYOID alloc] initWithBEREncoding: readDataOrDie(input, length)] autorelease]; jens@16: case 12: // UTF8String jens@16: return readStringOrDie(input,length,NSUTF8StringEncoding); jens@16: case 18: // numeric string jens@16: case 19: // printable string: jens@19: case 22: // IA5 string: jens@19: case 20: // T61 string: jens@19: { jens@19: NSString *string = readStringOrDie(input,length,NSASCIIStringEncoding); jens@19: if (string) jens@19: return string; jens@19: else jens@19: break; // if decoding fails, fall back to generic MYASN1Object jens@19: } jens@16: case 23: // UTC time: jens@16: case 24: // Generalized time: jens@16: return parseDate(readStringOrDie(input,length,NSASCIIStringEncoding), header.tag); jens@16: default: jens@16: break; jens@16: } jens@16: } jens@16: jens@16: // Generic case -- create and return a MYASN1Object: jens@16: NSData *value = readDataOrDie(input, length); jens@16: id result = [[[defaultClass alloc] initWithTag: header.tag jens@16: ofClass: header.tagClass jens@16: constructed: header.isConstructed jens@16: value: value] autorelease]; jens@16: if( defaultClass == [MYASN1Object class]) jens@16: Warn(@"parseBER: Returning default %@", result); jens@16: return result; jens@16: } jens@17: jens@17: jens@17: static void exceptionToError (NSException *x, NSError **outError) { jens@17: if ($equal(x.name, MYBERParserException)) { jens@17: if (outError) jens@17: *outError = MYError(1,MYASN1ErrorDomain, @"%@", x.reason); jens@17: } else { jens@17: @throw(x); jens@17: } jens@17: } jens@16: jens@16: jens@16: id MYBERParse (NSData *ber, NSError **outError) { jens@16: @try{ jens@16: InputData input = {ber.bytes, ber.length}; jens@16: return parseBER(&input); jens@16: }@catch (NSException *x) { jens@17: exceptionToError(x,outError); jens@16: } jens@16: return nil; jens@16: } jens@16: jens@16: jens@17: size_t MYBERGetLength (NSData *ber, NSError **outError) { jens@17: @try{ jens@17: InputData input = {ber.bytes, ber.length}; jens@17: BERHeader header; jens@17: return readHeader(&input,&header); jens@17: }@catch (NSException *x) { jens@17: exceptionToError(x,outError); jens@17: } jens@17: return 0; jens@17: } jens@17: jens@17: const void* MYBERGetContents (NSData *ber, NSError **outError) { jens@17: @try{ jens@17: InputData input = {ber.bytes, ber.length}; jens@17: BERHeader header; jens@17: readHeader(&input,&header); jens@17: return input.nextChar; jens@17: }@catch (NSException *x) { jens@17: exceptionToError(x,outError); jens@17: } jens@17: return NULL; jens@17: } jens@17: jens@16: jens@16: jens@16: #pragma mark - jens@16: #pragma mark TEST CASES: jens@16: jens@16: jens@16: #define $data(BYTES...) ({const uint8_t bytes[] = {BYTES}; [NSData dataWithBytes: bytes length: sizeof(bytes)];}) jens@16: jens@16: TestCase(ParseBER) { jens@16: CAssertEqual(MYBERParse($data(0x05, 0x00), nil), jens@16: [NSNull null]); jens@16: CAssertEqual(MYBERParse($data(0x01, 0x01, 0xFF), nil), jens@16: $true); jens@16: CAssertEqual(MYBERParse($data(0x01, 0x01, 0x00), nil), jens@16: $false); jens@16: jens@16: // integers: jens@16: CAssertEqual(MYBERParse($data(0x02, 0x01, 0x00), nil), jens@16: $object(0)); jens@16: CAssertEqual(MYBERParse($data(0x02, 0x01, 0x48), nil), jens@16: $object(72)); jens@16: CAssertEqual(MYBERParse($data(0x02, 0x01, 0x80), nil), jens@16: $object(-128)); jens@16: CAssertEqual(MYBERParse($data(0x02, 0x02, 0x00, 0x80), nil), jens@16: $object(128)); jens@16: CAssertEqual(MYBERParse($data(0x02, 0x02, 0x30,0x39), nil), jens@16: $object(12345)); jens@16: CAssertEqual(MYBERParse($data(0x02, 0x02, 0xCF, 0xC7), nil), jens@16: $object(-12345)); jens@16: CAssertEqual(MYBERParse($data(0x02, 0x04, 0x07, 0x5B, 0xCD, 0x15), nil), jens@16: $object(123456789)); jens@16: CAssertEqual(MYBERParse($data(0x02, 0x04, 0xF8, 0xA4, 0x32, 0xEB), nil), jens@16: $object(-123456789)); jens@16: CAssertEqual(MYBERParse($data(0x02, 0x04, 0xF8, 0xA4, 0x32, 0xEB), nil), jens@16: $object(-123456789)); jens@16: jens@16: // octet strings: jens@16: CAssertEqual(MYBERParse($data(0x04, 0x05, 'h', 'e', 'l', 'l', 'o'), nil), jens@16: [@"hello" dataUsingEncoding: NSASCIIStringEncoding]); jens@16: CAssertEqual(MYBERParse($data(0x04, 0x00), nil), jens@16: [NSData data]); jens@16: CAssertEqual(MYBERParse($data(0x0C, 0x05, 'h', 'e', 'l', 'l', 'o'), nil), jens@16: @"hello"); jens@16: jens@16: // sequences: jens@16: CAssertEqual(MYBERParse($data(0x30, 0x06, 0x02, 0x01, 0x48, 0x01, 0x01, 0xFF), nil), jens@16: $array($object(72), $true)); jens@16: CAssertEqual(MYBERParse($data(0x30, 0x10, jens@16: 0x30, 0x06, 0x02, 0x01, 0x48, 0x01, 0x01, 0xFF, jens@16: 0x30, 0x06, 0x02, 0x01, 0x48, 0x01, 0x01, 0xFF), nil), jens@16: $array( $array($object(72), $true), $array($object(72), $true))); jens@16: } jens@16: jens@16: jens@17: #import "MYCertificate.h" jens@17: #import "MYPublicKey.h" jens@17: jens@16: TestCase(ParseCert) { jens@16: NSData *cert = [NSData dataWithContentsOfFile: @"../../Tests/selfsigned.cer"]; jens@16: NSError *error = nil; jens@16: id parsed = MYBERParse(cert,&error); jens@16: CAssert(parsed); jens@16: CAssertNil(error); jens@16: NSString *dump = [MYASN1Object dump: parsed]; jens@16: CAssert(dump); jens@17: Log(@"Parsed selfsigned.cer:\n%@", dump); jens@17: jens@17: MYCertificate *myCert = [[MYCertificate alloc] initWithCertificateData: cert]; jens@17: CAssert(myCert); jens@19: id parsedPubKey = MYBERParse(myCert.publicKey.keyData, NULL); jens@17: Log(@"Parsed public key:\n%@", [MYASN1Object dump: parsedPubKey]); jens@16: jens@16: cert = [NSData dataWithContentsOfFile: @"../../Tests/iphonedev.cer"]; jens@16: parsed = MYBERParse(cert,&error); jens@16: CAssert(parsed); jens@16: CAssertNil(error); jens@16: dump = [MYASN1Object dump: parsed]; jens@16: CAssert(dump); jens@16: } jens@21: jens@21: jens@21: jens@21: /* jens@21: Copyright (c) 2009, Jens Alfke . All rights reserved. jens@21: jens@21: Redistribution and use in source and binary forms, with or without modification, are permitted jens@21: provided that the following conditions are met: jens@21: jens@21: * Redistributions of source code must retain the above copyright notice, this list of conditions jens@21: and the following disclaimer. jens@21: * Redistributions in binary form must reproduce the above copyright notice, this list of conditions jens@21: and the following disclaimer in the documentation and/or other materials provided with the jens@21: distribution. jens@21: jens@21: THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR jens@21: IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND jens@21: FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRI- jens@21: BUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES jens@21: (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR jens@21: PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN jens@21: CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF jens@21: THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. jens@21: */