1// Copyright 2009 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Package asn1 implements parsing of DER-encoded ASN.1 data structures, 6// as defined in ITU-T Rec X.690. 7// 8// See also ``A Layman's Guide to a Subset of ASN.1, BER, and DER,'' 9// http://luca.ntop.org/Teaching/Appunti/asn1.html. 10// 11// This is a fork of the Go standard library ASN.1 implementation 12// (encoding/asn1). The main difference is that this version tries to correct 13// for errors (e.g. use of tagPrintableString when the string data is really 14// ISO8859-1 - a common error present in many x509 certificates in the wild.) 15package asn1 16 17// ASN.1 is a syntax for specifying abstract objects and BER, DER, PER, XER etc 18// are different encoding formats for those objects. Here, we'll be dealing 19// with DER, the Distinguished Encoding Rules. DER is used in X.509 because 20// it's fast to parse and, unlike BER, has a unique encoding for every object. 21// When calculating hashes over objects, it's important that the resulting 22// bytes be the same at both ends and DER removes this margin of error. 23// 24// ASN.1 is very complex and this package doesn't attempt to implement 25// everything by any means. 26 27import ( 28 "errors" 29 "fmt" 30 "math" 31 "math/big" 32 "reflect" 33 "strconv" 34 "strings" 35 "time" 36 "unicode/utf8" 37) 38 39// A StructuralError suggests that the ASN.1 data is valid, but the Go type 40// which is receiving it doesn't match. 41type StructuralError struct { 42 Msg string 43 Field string 44} 45 46func (e StructuralError) Error() string { 47 var prefix string 48 if e.Field != "" { 49 prefix = e.Field + ": " 50 } 51 return "asn1: structure error: " + prefix + e.Msg 52} 53 54// A SyntaxError suggests that the ASN.1 data is invalid. 55type SyntaxError struct { 56 Msg string 57 Field string 58} 59 60func (e SyntaxError) Error() string { 61 var prefix string 62 if e.Field != "" { 63 prefix = e.Field + ": " 64 } 65 return "asn1: syntax error: " + prefix + e.Msg 66} 67 68// We start by dealing with each of the primitive types in turn. 69 70// BOOLEAN 71 72func parseBool(bytes []byte, fieldName string) (ret bool, err error) { 73 if len(bytes) != 1 { 74 err = SyntaxError{"invalid boolean", fieldName} 75 return 76 } 77 78 // DER demands that "If the encoding represents the boolean value TRUE, 79 // its single contents octet shall have all eight bits set to one." 80 // Thus only 0 and 255 are valid encoded values. 81 switch bytes[0] { 82 case 0: 83 ret = false 84 case 0xff: 85 ret = true 86 default: 87 err = SyntaxError{"invalid boolean", fieldName} 88 } 89 90 return 91} 92 93// INTEGER 94 95// checkInteger returns nil if the given bytes are a valid DER-encoded 96// INTEGER and an error otherwise. 97func checkInteger(bytes []byte, fieldName string) error { 98 if len(bytes) == 0 { 99 return StructuralError{"empty integer", fieldName} 100 } 101 if len(bytes) == 1 { 102 return nil 103 } 104 if (bytes[0] == 0 && bytes[1]&0x80 == 0) || (bytes[0] == 0xff && bytes[1]&0x80 == 0x80) { 105 return StructuralError{"integer not minimally-encoded", fieldName} 106 } 107 return nil 108} 109 110// parseInt64 treats the given bytes as a big-endian, signed integer and 111// returns the result. 112func parseInt64(bytes []byte, fieldName string) (ret int64, err error) { 113 err = checkInteger(bytes, fieldName) 114 if err != nil { 115 return 116 } 117 if len(bytes) > 8 { 118 // We'll overflow an int64 in this case. 119 err = StructuralError{"integer too large", fieldName} 120 return 121 } 122 for bytesRead := 0; bytesRead < len(bytes); bytesRead++ { 123 ret <<= 8 124 ret |= int64(bytes[bytesRead]) 125 } 126 127 // Shift up and down in order to sign extend the result. 128 ret <<= 64 - uint8(len(bytes))*8 129 ret >>= 64 - uint8(len(bytes))*8 130 return 131} 132 133// parseInt treats the given bytes as a big-endian, signed integer and returns 134// the result. 135func parseInt32(bytes []byte, fieldName string) (int32, error) { 136 if err := checkInteger(bytes, fieldName); err != nil { 137 return 0, err 138 } 139 ret64, err := parseInt64(bytes, fieldName) 140 if err != nil { 141 return 0, err 142 } 143 if ret64 != int64(int32(ret64)) { 144 return 0, StructuralError{"integer too large", fieldName} 145 } 146 return int32(ret64), nil 147} 148 149var bigOne = big.NewInt(1) 150 151// parseBigInt treats the given bytes as a big-endian, signed integer and returns 152// the result. 153func parseBigInt(bytes []byte, fieldName string) (*big.Int, error) { 154 if err := checkInteger(bytes, fieldName); err != nil { 155 return nil, err 156 } 157 ret := new(big.Int) 158 if len(bytes) > 0 && bytes[0]&0x80 == 0x80 { 159 // This is a negative number. 160 notBytes := make([]byte, len(bytes)) 161 for i := range notBytes { 162 notBytes[i] = ^bytes[i] 163 } 164 ret.SetBytes(notBytes) 165 ret.Add(ret, bigOne) 166 ret.Neg(ret) 167 return ret, nil 168 } 169 ret.SetBytes(bytes) 170 return ret, nil 171} 172 173// BIT STRING 174 175// BitString is the structure to use when you want an ASN.1 BIT STRING type. A 176// bit string is padded up to the nearest byte in memory and the number of 177// valid bits is recorded. Padding bits will be zero. 178type BitString struct { 179 Bytes []byte // bits packed into bytes. 180 BitLength int // length in bits. 181} 182 183// At returns the bit at the given index. If the index is out of range it 184// returns false. 185func (b BitString) At(i int) int { 186 if i < 0 || i >= b.BitLength { 187 return 0 188 } 189 x := i / 8 190 y := 7 - uint(i%8) 191 return int(b.Bytes[x]>>y) & 1 192} 193 194// RightAlign returns a slice where the padding bits are at the beginning. The 195// slice may share memory with the BitString. 196func (b BitString) RightAlign() []byte { 197 shift := uint(8 - (b.BitLength % 8)) 198 if shift == 8 || len(b.Bytes) == 0 { 199 return b.Bytes 200 } 201 202 a := make([]byte, len(b.Bytes)) 203 a[0] = b.Bytes[0] >> shift 204 for i := 1; i < len(b.Bytes); i++ { 205 a[i] = b.Bytes[i-1] << (8 - shift) 206 a[i] |= b.Bytes[i] >> shift 207 } 208 209 return a 210} 211 212// parseBitString parses an ASN.1 bit string from the given byte slice and returns it. 213func parseBitString(bytes []byte, fieldName string) (ret BitString, err error) { 214 if len(bytes) == 0 { 215 err = SyntaxError{"zero length BIT STRING", fieldName} 216 return 217 } 218 paddingBits := int(bytes[0]) 219 if paddingBits > 7 || 220 len(bytes) == 1 && paddingBits > 0 || 221 bytes[len(bytes)-1]&((1<<bytes[0])-1) != 0 { 222 err = SyntaxError{"invalid padding bits in BIT STRING", fieldName} 223 return 224 } 225 ret.BitLength = (len(bytes)-1)*8 - paddingBits 226 ret.Bytes = bytes[1:] 227 return 228} 229 230// NULL 231 232// NullRawValue is a RawValue with its Tag set to the ASN.1 NULL type tag (5). 233var NullRawValue = RawValue{Tag: TagNull} 234 235// NullBytes contains bytes representing the DER-encoded ASN.1 NULL type. 236var NullBytes = []byte{TagNull, 0} 237 238// OBJECT IDENTIFIER 239 240// An ObjectIdentifier represents an ASN.1 OBJECT IDENTIFIER. 241type ObjectIdentifier []int 242 243// Equal reports whether oi and other represent the same identifier. 244func (oi ObjectIdentifier) Equal(other ObjectIdentifier) bool { 245 if len(oi) != len(other) { 246 return false 247 } 248 for i := 0; i < len(oi); i++ { 249 if oi[i] != other[i] { 250 return false 251 } 252 } 253 254 return true 255} 256 257func (oi ObjectIdentifier) String() string { 258 var s string 259 260 for i, v := range oi { 261 if i > 0 { 262 s += "." 263 } 264 s += strconv.Itoa(v) 265 } 266 267 return s 268} 269 270// parseObjectIdentifier parses an OBJECT IDENTIFIER from the given bytes and 271// returns it. An object identifier is a sequence of variable length integers 272// that are assigned in a hierarchy. 273func parseObjectIdentifier(bytes []byte, fieldName string) (s []int, err error) { 274 if len(bytes) == 0 { 275 err = SyntaxError{"zero length OBJECT IDENTIFIER", fieldName} 276 return 277 } 278 279 // In the worst case, we get two elements from the first byte (which is 280 // encoded differently) and then every varint is a single byte long. 281 s = make([]int, len(bytes)+1) 282 283 // The first varint is 40*value1 + value2: 284 // According to this packing, value1 can take the values 0, 1 and 2 only. 285 // When value1 = 0 or value1 = 1, then value2 is <= 39. When value1 = 2, 286 // then there are no restrictions on value2. 287 v, offset, err := parseBase128Int(bytes, 0, fieldName) 288 if err != nil { 289 return 290 } 291 if v < 80 { 292 s[0] = v / 40 293 s[1] = v % 40 294 } else { 295 s[0] = 2 296 s[1] = v - 80 297 } 298 299 i := 2 300 for ; offset < len(bytes); i++ { 301 v, offset, err = parseBase128Int(bytes, offset, fieldName) 302 if err != nil { 303 return 304 } 305 s[i] = v 306 } 307 s = s[0:i] 308 return 309} 310 311// ENUMERATED 312 313// An Enumerated is represented as a plain int. 314type Enumerated int 315 316// FLAG 317 318// A Flag accepts any data and is set to true if present. 319type Flag bool 320 321// parseBase128Int parses a base-128 encoded int from the given offset in the 322// given byte slice. It returns the value and the new offset. 323func parseBase128Int(bytes []byte, initOffset int, fieldName string) (ret, offset int, err error) { 324 offset = initOffset 325 var ret64 int64 326 for shifted := 0; offset < len(bytes); shifted++ { 327 // 5 * 7 bits per byte == 35 bits of data 328 // Thus the representation is either non-minimal or too large for an int32 329 if shifted == 5 { 330 err = StructuralError{"base 128 integer too large", fieldName} 331 return 332 } 333 ret64 <<= 7 334 b := bytes[offset] 335 ret64 |= int64(b & 0x7f) 336 offset++ 337 if b&0x80 == 0 { 338 ret = int(ret64) 339 // Ensure that the returned value fits in an int on all platforms 340 if ret64 > math.MaxInt32 { 341 err = StructuralError{"base 128 integer too large", fieldName} 342 } 343 return 344 } 345 } 346 err = SyntaxError{"truncated base 128 integer", fieldName} 347 return 348} 349 350// UTCTime 351 352func parseUTCTime(bytes []byte) (ret time.Time, err error) { 353 s := string(bytes) 354 355 formatStr := "0601021504Z0700" 356 ret, err = time.Parse(formatStr, s) 357 if err != nil { 358 formatStr = "060102150405Z0700" 359 ret, err = time.Parse(formatStr, s) 360 } 361 if err != nil { 362 return 363 } 364 365 if serialized := ret.Format(formatStr); serialized != s { 366 err = fmt.Errorf("asn1: time did not serialize back to the original value and may be invalid: given %q, but serialized as %q", s, serialized) 367 return 368 } 369 370 if ret.Year() >= 2050 { 371 // UTCTime only encodes times prior to 2050. See https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 372 ret = ret.AddDate(-100, 0, 0) 373 } 374 375 return 376} 377 378// parseGeneralizedTime parses the GeneralizedTime from the given byte slice 379// and returns the resulting time. 380func parseGeneralizedTime(bytes []byte) (ret time.Time, err error) { 381 const formatStr = "20060102150405Z0700" 382 s := string(bytes) 383 384 if ret, err = time.Parse(formatStr, s); err != nil { 385 return 386 } 387 388 if serialized := ret.Format(formatStr); serialized != s { 389 err = fmt.Errorf("asn1: time did not serialize back to the original value and may be invalid: given %q, but serialized as %q", s, serialized) 390 } 391 392 return 393} 394 395// NumericString 396 397// parseNumericString parses an ASN.1 NumericString from the given byte array 398// and returns it. 399func parseNumericString(bytes []byte, fieldName string) (ret string, err error) { 400 for _, b := range bytes { 401 if !isNumeric(b) { 402 return "", SyntaxError{"NumericString contains invalid character", fieldName} 403 } 404 } 405 return string(bytes), nil 406} 407 408// isNumeric reports whether the given b is in the ASN.1 NumericString set. 409func isNumeric(b byte) bool { 410 return '0' <= b && b <= '9' || 411 b == ' ' 412} 413 414// PrintableString 415 416// parsePrintableString parses an ASN.1 PrintableString from the given byte 417// array and returns it. 418func parsePrintableString(bytes []byte, fieldName string) (ret string, err error) { 419 for _, b := range bytes { 420 if !isPrintable(b, allowAsterisk, allowAmpersand) { 421 err = SyntaxError{"PrintableString contains invalid character", fieldName} 422 return 423 } 424 } 425 ret = string(bytes) 426 return 427} 428 429type asteriskFlag bool 430type ampersandFlag bool 431 432const ( 433 allowAsterisk asteriskFlag = true 434 rejectAsterisk asteriskFlag = false 435 436 allowAmpersand ampersandFlag = true 437 rejectAmpersand ampersandFlag = false 438) 439 440// isPrintable reports whether the given b is in the ASN.1 PrintableString set. 441// If asterisk is allowAsterisk then '*' is also allowed, reflecting existing 442// practice. If ampersand is allowAmpersand then '&' is allowed as well. 443func isPrintable(b byte, asterisk asteriskFlag, ampersand ampersandFlag) bool { 444 return 'a' <= b && b <= 'z' || 445 'A' <= b && b <= 'Z' || 446 '0' <= b && b <= '9' || 447 '\'' <= b && b <= ')' || 448 '+' <= b && b <= '/' || 449 b == ' ' || 450 b == ':' || 451 b == '=' || 452 b == '?' || 453 // This is technically not allowed in a PrintableString. 454 // However, x509 certificates with wildcard strings don't 455 // always use the correct string type so we permit it. 456 (bool(asterisk) && b == '*') || 457 // This is not technically allowed either. However, not 458 // only is it relatively common, but there are also a 459 // handful of CA certificates that contain it. At least 460 // one of which will not expire until 2027. 461 (bool(ampersand) && b == '&') 462} 463 464// IA5String 465 466// parseIA5String parses an ASN.1 IA5String (ASCII string) from the given 467// byte slice and returns it. 468func parseIA5String(bytes []byte, fieldName string) (ret string, err error) { 469 for _, b := range bytes { 470 if b >= utf8.RuneSelf { 471 err = SyntaxError{"IA5String contains invalid character", fieldName} 472 return 473 } 474 } 475 ret = string(bytes) 476 return 477} 478 479// T61String 480 481// parseT61String parses an ASN.1 T61String (8-bit clean string) from the given 482// byte slice and returns it. 483func parseT61String(bytes []byte) (ret string, err error) { 484 return string(bytes), nil 485} 486 487// UTF8String 488 489// parseUTF8String parses an ASN.1 UTF8String (raw UTF-8) from the given byte 490// array and returns it. 491func parseUTF8String(bytes []byte) (ret string, err error) { 492 if !utf8.Valid(bytes) { 493 return "", errors.New("asn1: invalid UTF-8 string") 494 } 495 return string(bytes), nil 496} 497 498// A RawValue represents an undecoded ASN.1 object. 499type RawValue struct { 500 Class, Tag int 501 IsCompound bool 502 Bytes []byte 503 FullBytes []byte // includes the tag and length 504} 505 506// RawContent is used to signal that the undecoded, DER data needs to be 507// preserved for a struct. To use it, the first field of the struct must have 508// this type. It's an error for any of the other fields to have this type. 509type RawContent []byte 510 511// Tagging 512 513// parseTagAndLength parses an ASN.1 tag and length pair from the given offset 514// into a byte slice. It returns the parsed data and the new offset. SET and 515// SET OF (tag 17) are mapped to SEQUENCE and SEQUENCE OF (tag 16) since we 516// don't distinguish between ordered and unordered objects in this code. 517func parseTagAndLength(bytes []byte, initOffset int, fieldName string) (ret tagAndLength, offset int, err error) { 518 offset = initOffset 519 // parseTagAndLength should not be called without at least a single 520 // byte to read. Thus this check is for robustness: 521 if offset >= len(bytes) { 522 err = errors.New("asn1: internal error in parseTagAndLength") 523 return 524 } 525 b := bytes[offset] 526 offset++ 527 ret.class = int(b >> 6) 528 ret.isCompound = b&0x20 == 0x20 529 ret.tag = int(b & 0x1f) 530 531 // If the bottom five bits are set, then the tag number is actually base 128 532 // encoded afterwards 533 if ret.tag == 0x1f { 534 ret.tag, offset, err = parseBase128Int(bytes, offset, fieldName) 535 if err != nil { 536 return 537 } 538 // Tags should be encoded in minimal form. 539 if ret.tag < 0x1f { 540 err = SyntaxError{"non-minimal tag", fieldName} 541 return 542 } 543 } 544 if offset >= len(bytes) { 545 err = SyntaxError{"truncated tag or length", fieldName} 546 return 547 } 548 b = bytes[offset] 549 offset++ 550 if b&0x80 == 0 { 551 // The length is encoded in the bottom 7 bits. 552 ret.length = int(b & 0x7f) 553 } else { 554 // Bottom 7 bits give the number of length bytes to follow. 555 numBytes := int(b & 0x7f) 556 if numBytes == 0 { 557 err = SyntaxError{"indefinite length found (not DER)", fieldName} 558 return 559 } 560 ret.length = 0 561 for i := 0; i < numBytes; i++ { 562 if offset >= len(bytes) { 563 err = SyntaxError{"truncated tag or length", fieldName} 564 return 565 } 566 b = bytes[offset] 567 offset++ 568 if ret.length >= 1<<23 { 569 // We can't shift ret.length up without 570 // overflowing. 571 err = StructuralError{"length too large", fieldName} 572 return 573 } 574 ret.length <<= 8 575 ret.length |= int(b) 576 if ret.length == 0 { 577 // DER requires that lengths be minimal. 578 err = StructuralError{"superfluous leading zeros in length", fieldName} 579 return 580 } 581 } 582 // Short lengths must be encoded in short form. 583 if ret.length < 0x80 { 584 err = StructuralError{"non-minimal length", fieldName} 585 return 586 } 587 } 588 589 return 590} 591 592// parseSequenceOf is used for SEQUENCE OF and SET OF values. It tries to parse 593// a number of ASN.1 values from the given byte slice and returns them as a 594// slice of Go values of the given type. 595func parseSequenceOf(bytes []byte, sliceType reflect.Type, elemType reflect.Type, fieldName string) (ret reflect.Value, err error) { 596 matchAny, expectedTag, compoundType, ok := getUniversalType(elemType) 597 if !ok { 598 err = StructuralError{"unknown Go type for slice", fieldName} 599 return 600 } 601 602 // First we iterate over the input and count the number of elements, 603 // checking that the types are correct in each case. 604 numElements := 0 605 for offset := 0; offset < len(bytes); { 606 var t tagAndLength 607 t, offset, err = parseTagAndLength(bytes, offset, fieldName) 608 if err != nil { 609 return 610 } 611 switch t.tag { 612 case TagIA5String, TagGeneralString, TagT61String, TagUTF8String, TagNumericString: 613 // We pretend that various other string types are 614 // PRINTABLE STRINGs so that a sequence of them can be 615 // parsed into a []string. 616 t.tag = TagPrintableString 617 case TagGeneralizedTime, TagUTCTime: 618 // Likewise, both time types are treated the same. 619 t.tag = TagUTCTime 620 } 621 622 if !matchAny && (t.class != ClassUniversal || t.isCompound != compoundType || t.tag != expectedTag) { 623 err = StructuralError{fmt.Sprintf("sequence tag mismatch (got:%+v, want:0/%d/%t)", t, expectedTag, compoundType), fieldName} 624 return 625 } 626 if invalidLength(offset, t.length, len(bytes)) { 627 err = SyntaxError{"truncated sequence", fieldName} 628 return 629 } 630 offset += t.length 631 numElements++ 632 } 633 ret = reflect.MakeSlice(sliceType, numElements, numElements) 634 params := fieldParameters{} 635 offset := 0 636 for i := 0; i < numElements; i++ { 637 offset, err = parseField(ret.Index(i), bytes, offset, params) 638 if err != nil { 639 return 640 } 641 } 642 return 643} 644 645var ( 646 bitStringType = reflect.TypeOf(BitString{}) 647 objectIdentifierType = reflect.TypeOf(ObjectIdentifier{}) 648 enumeratedType = reflect.TypeOf(Enumerated(0)) 649 flagType = reflect.TypeOf(Flag(false)) 650 timeType = reflect.TypeOf(time.Time{}) 651 rawValueType = reflect.TypeOf(RawValue{}) 652 rawContentsType = reflect.TypeOf(RawContent(nil)) 653 bigIntType = reflect.TypeOf(new(big.Int)) 654) 655 656// invalidLength returns true iff offset + length > sliceLength, or if the 657// addition would overflow. 658func invalidLength(offset, length, sliceLength int) bool { 659 return offset+length < offset || offset+length > sliceLength 660} 661 662// Tests whether the data in |bytes| would be a valid ISO8859-1 string. 663// Clearly, a sequence of bytes comprised solely of valid ISO8859-1 664// codepoints does not imply that the encoding MUST be ISO8859-1, rather that 665// you would not encounter an error trying to interpret the data as such. 666func couldBeISO8859_1(bytes []byte) bool { 667 for _, b := range bytes { 668 if b < 0x20 || (b >= 0x7F && b < 0xA0) { 669 return false 670 } 671 } 672 return true 673} 674 675// Checks whether the data in |bytes| would be a valid T.61 string. 676// Clearly, a sequence of bytes comprised solely of valid T.61 677// codepoints does not imply that the encoding MUST be T.61, rather that 678// you would not encounter an error trying to interpret the data as such. 679func couldBeT61(bytes []byte) bool { 680 for _, b := range bytes { 681 switch b { 682 case 0x00: 683 // Since we're guessing at (incorrect) encodings for a 684 // PrintableString, we'll err on the side of caution and disallow 685 // strings with a NUL in them, don't want to re-create a PayPal NUL 686 // situation in monitors. 687 fallthrough 688 case 0x23, 0x24, 0x5C, 0x5E, 0x60, 0x7B, 0x7D, 0x7E, 0xA5, 0xA6, 0xAC, 0xAD, 0xAE, 0xAF, 689 0xB9, 0xBA, 0xC0, 0xC9, 0xD0, 0xD1, 0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9, 690 0xDA, 0xDB, 0xDC, 0xDE, 0xDF, 0xE5, 0xFF: 691 // These are all invalid code points in T.61, so it can't be a T.61 string. 692 return false 693 } 694 } 695 return true 696} 697 698// Converts the data in |bytes| to the equivalent UTF-8 string. 699func iso8859_1ToUTF8(bytes []byte) string { 700 buf := make([]rune, len(bytes)) 701 for i, b := range bytes { 702 buf[i] = rune(b) 703 } 704 return string(buf) 705} 706 707// parseField is the main parsing function. Given a byte slice and an offset 708// into the array, it will try to parse a suitable ASN.1 value out and store it 709// in the given Value. 710func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParameters) (offset int, err error) { 711 offset = initOffset 712 fieldType := v.Type() 713 714 // If we have run out of data, it may be that there are optional elements at the end. 715 if offset == len(bytes) { 716 if !setDefaultValue(v, params) { 717 err = SyntaxError{"sequence truncated", params.name} 718 } 719 return 720 } 721 722 // Deal with the ANY type. 723 if ifaceType := fieldType; ifaceType.Kind() == reflect.Interface && ifaceType.NumMethod() == 0 { 724 var t tagAndLength 725 t, offset, err = parseTagAndLength(bytes, offset, params.name) 726 if err != nil { 727 return 728 } 729 if invalidLength(offset, t.length, len(bytes)) { 730 err = SyntaxError{"data truncated", params.name} 731 return 732 } 733 var result interface{} 734 if !t.isCompound && t.class == ClassUniversal { 735 innerBytes := bytes[offset : offset+t.length] 736 switch t.tag { 737 case TagPrintableString: 738 result, err = parsePrintableString(innerBytes, params.name) 739 if err != nil && strings.Contains(err.Error(), "PrintableString contains invalid character") { 740 // Probably an ISO8859-1 string stuffed in, check if it 741 // would be valid and assume that's what's happened if so, 742 // otherwise try T.61, failing that give up and just assign 743 // the bytes 744 switch { 745 case couldBeISO8859_1(innerBytes): 746 result, err = iso8859_1ToUTF8(innerBytes), nil 747 case couldBeT61(innerBytes): 748 result, err = parseT61String(innerBytes) 749 default: 750 result = nil 751 err = errors.New("PrintableString contains invalid character, but couldn't determine correct String type.") 752 } 753 } 754 case TagNumericString: 755 result, err = parseNumericString(innerBytes, params.name) 756 case TagIA5String: 757 result, err = parseIA5String(innerBytes, params.name) 758 case TagT61String: 759 result, err = parseT61String(innerBytes) 760 case TagUTF8String: 761 result, err = parseUTF8String(innerBytes) 762 case TagInteger: 763 result, err = parseInt64(innerBytes, params.name) 764 case TagBitString: 765 result, err = parseBitString(innerBytes, params.name) 766 case TagOID: 767 result, err = parseObjectIdentifier(innerBytes, params.name) 768 case TagUTCTime: 769 result, err = parseUTCTime(innerBytes) 770 case TagGeneralizedTime: 771 result, err = parseGeneralizedTime(innerBytes) 772 case TagOctetString: 773 result = innerBytes 774 default: 775 // If we don't know how to handle the type, we just leave Value as nil. 776 } 777 } 778 offset += t.length 779 if err != nil { 780 return 781 } 782 if result != nil { 783 v.Set(reflect.ValueOf(result)) 784 } 785 return 786 } 787 788 t, offset, err := parseTagAndLength(bytes, offset, params.name) 789 if err != nil { 790 return 791 } 792 if params.explicit { 793 expectedClass := ClassContextSpecific 794 if params.application { 795 expectedClass = ClassApplication 796 } 797 if offset == len(bytes) { 798 err = StructuralError{"explicit tag has no child", params.name} 799 return 800 } 801 if t.class == expectedClass && t.tag == *params.tag && (t.length == 0 || t.isCompound) { 802 if fieldType == rawValueType { 803 // The inner element should not be parsed for RawValues. 804 } else if t.length > 0 { 805 t, offset, err = parseTagAndLength(bytes, offset, params.name) 806 if err != nil { 807 return 808 } 809 } else { 810 if fieldType != flagType { 811 err = StructuralError{"zero length explicit tag was not an asn1.Flag", params.name} 812 return 813 } 814 v.SetBool(true) 815 return 816 } 817 } else { 818 // The tags didn't match, it might be an optional element. 819 ok := setDefaultValue(v, params) 820 if ok { 821 offset = initOffset 822 } else { 823 err = StructuralError{"explicitly tagged member didn't match", params.name} 824 } 825 return 826 } 827 } 828 829 matchAny, universalTag, compoundType, ok1 := getUniversalType(fieldType) 830 if !ok1 { 831 err = StructuralError{fmt.Sprintf("unknown Go type: %v", fieldType), params.name} 832 return 833 } 834 835 // Special case for strings: all the ASN.1 string types map to the Go 836 // type string. getUniversalType returns the tag for PrintableString 837 // when it sees a string, so if we see a different string type on the 838 // wire, we change the universal type to match. 839 if universalTag == TagPrintableString { 840 if t.class == ClassUniversal { 841 switch t.tag { 842 case TagIA5String, TagGeneralString, TagT61String, TagUTF8String, TagNumericString: 843 universalTag = t.tag 844 } 845 } else if params.stringType != 0 { 846 universalTag = params.stringType 847 } 848 } 849 850 // Special case for time: UTCTime and GeneralizedTime both map to the 851 // Go type time.Time. 852 if universalTag == TagUTCTime && t.tag == TagGeneralizedTime && t.class == ClassUniversal { 853 universalTag = TagGeneralizedTime 854 } 855 856 if params.set { 857 universalTag = TagSet 858 } 859 860 matchAnyClassAndTag := matchAny 861 expectedClass := ClassUniversal 862 expectedTag := universalTag 863 864 if !params.explicit && params.tag != nil { 865 expectedClass = ClassContextSpecific 866 expectedTag = *params.tag 867 matchAnyClassAndTag = false 868 } 869 870 if !params.explicit && params.application && params.tag != nil { 871 expectedClass = ClassApplication 872 expectedTag = *params.tag 873 matchAnyClassAndTag = false 874 } 875 876 // We have unwrapped any explicit tagging at this point. 877 if !matchAnyClassAndTag && (t.class != expectedClass || t.tag != expectedTag) || 878 (!matchAny && t.isCompound != compoundType) { 879 // Tags don't match. Again, it could be an optional element. 880 ok := setDefaultValue(v, params) 881 if ok { 882 offset = initOffset 883 } else { 884 err = StructuralError{fmt.Sprintf("tags don't match (%d vs %+v) %+v %s @%d", expectedTag, t, params, fieldType.Name(), offset), params.name} 885 } 886 return 887 } 888 if invalidLength(offset, t.length, len(bytes)) { 889 err = SyntaxError{"data truncated", params.name} 890 return 891 } 892 innerBytes := bytes[offset : offset+t.length] 893 offset += t.length 894 895 // We deal with the structures defined in this package first. 896 switch fieldType { 897 case rawValueType: 898 result := RawValue{t.class, t.tag, t.isCompound, innerBytes, bytes[initOffset:offset]} 899 v.Set(reflect.ValueOf(result)) 900 return 901 case objectIdentifierType: 902 newSlice, err1 := parseObjectIdentifier(innerBytes, params.name) 903 v.Set(reflect.MakeSlice(v.Type(), len(newSlice), len(newSlice))) 904 if err1 == nil { 905 reflect.Copy(v, reflect.ValueOf(newSlice)) 906 } 907 err = err1 908 return 909 case bitStringType: 910 bs, err1 := parseBitString(innerBytes, params.name) 911 if err1 == nil { 912 v.Set(reflect.ValueOf(bs)) 913 } 914 err = err1 915 return 916 case timeType: 917 var time time.Time 918 var err1 error 919 if universalTag == TagUTCTime { 920 time, err1 = parseUTCTime(innerBytes) 921 } else { 922 time, err1 = parseGeneralizedTime(innerBytes) 923 } 924 if err1 == nil { 925 v.Set(reflect.ValueOf(time)) 926 } 927 err = err1 928 return 929 case enumeratedType: 930 parsedInt, err1 := parseInt32(innerBytes, params.name) 931 if err1 == nil { 932 v.SetInt(int64(parsedInt)) 933 } 934 err = err1 935 return 936 case flagType: 937 v.SetBool(true) 938 return 939 case bigIntType: 940 parsedInt, err1 := parseBigInt(innerBytes, params.name) 941 if err1 == nil { 942 v.Set(reflect.ValueOf(parsedInt)) 943 } 944 err = err1 945 return 946 } 947 switch val := v; val.Kind() { 948 case reflect.Bool: 949 parsedBool, err1 := parseBool(innerBytes, params.name) 950 if err1 == nil { 951 val.SetBool(parsedBool) 952 } 953 err = err1 954 return 955 case reflect.Int, reflect.Int32, reflect.Int64: 956 if val.Type().Size() == 4 { 957 parsedInt, err1 := parseInt32(innerBytes, params.name) 958 if err1 == nil { 959 val.SetInt(int64(parsedInt)) 960 } 961 err = err1 962 } else { 963 parsedInt, err1 := parseInt64(innerBytes, params.name) 964 if err1 == nil { 965 val.SetInt(parsedInt) 966 } 967 err = err1 968 } 969 return 970 // TODO(dfc) Add support for the remaining integer types 971 case reflect.Struct: 972 structType := fieldType 973 974 for i := 0; i < structType.NumField(); i++ { 975 if structType.Field(i).PkgPath != "" { 976 err = StructuralError{"struct contains unexported fields", structType.Field(i).Name} 977 return 978 } 979 } 980 981 if structType.NumField() > 0 && 982 structType.Field(0).Type == rawContentsType { 983 bytes := bytes[initOffset:offset] 984 val.Field(0).Set(reflect.ValueOf(RawContent(bytes))) 985 } 986 987 innerOffset := 0 988 for i := 0; i < structType.NumField(); i++ { 989 field := structType.Field(i) 990 if i == 0 && field.Type == rawContentsType { 991 continue 992 } 993 innerParams := parseFieldParameters(field.Tag.Get("asn1")) 994 innerParams.name = field.Name 995 innerOffset, err = parseField(val.Field(i), innerBytes, innerOffset, innerParams) 996 if err != nil { 997 return 998 } 999 } 1000 // We allow extra bytes at the end of the SEQUENCE because 1001 // adding elements to the end has been used in X.509 as the 1002 // version numbers have increased. 1003 return 1004 case reflect.Slice: 1005 sliceType := fieldType 1006 if sliceType.Elem().Kind() == reflect.Uint8 { 1007 val.Set(reflect.MakeSlice(sliceType, len(innerBytes), len(innerBytes))) 1008 reflect.Copy(val, reflect.ValueOf(innerBytes)) 1009 return 1010 } 1011 newSlice, err1 := parseSequenceOf(innerBytes, sliceType, sliceType.Elem(), params.name) 1012 if err1 == nil { 1013 val.Set(newSlice) 1014 } 1015 err = err1 1016 return 1017 case reflect.String: 1018 var v string 1019 switch universalTag { 1020 case TagPrintableString: 1021 v, err = parsePrintableString(innerBytes, params.name) 1022 case TagNumericString: 1023 v, err = parseNumericString(innerBytes, params.name) 1024 case TagIA5String: 1025 v, err = parseIA5String(innerBytes, params.name) 1026 case TagT61String: 1027 v, err = parseT61String(innerBytes) 1028 case TagUTF8String: 1029 v, err = parseUTF8String(innerBytes) 1030 case TagGeneralString: 1031 // GeneralString is specified in ISO-2022/ECMA-35, 1032 // A brief review suggests that it includes structures 1033 // that allow the encoding to change midstring and 1034 // such. We give up and pass it as an 8-bit string. 1035 v, err = parseT61String(innerBytes) 1036 default: 1037 err = SyntaxError{fmt.Sprintf("internal error: unknown string type %d", universalTag), params.name} 1038 } 1039 if err == nil { 1040 val.SetString(v) 1041 } 1042 return 1043 } 1044 err = StructuralError{"unsupported: " + v.Type().String(), params.name} 1045 return 1046} 1047 1048// canHaveDefaultValue reports whether k is a Kind that we will set a default 1049// value for. (A signed integer, essentially.) 1050func canHaveDefaultValue(k reflect.Kind) bool { 1051 switch k { 1052 case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: 1053 return true 1054 } 1055 1056 return false 1057} 1058 1059// setDefaultValue is used to install a default value, from a tag string, into 1060// a Value. It is successful if the field was optional, even if a default value 1061// wasn't provided or it failed to install it into the Value. 1062func setDefaultValue(v reflect.Value, params fieldParameters) (ok bool) { 1063 if !params.optional { 1064 return 1065 } 1066 ok = true 1067 if params.defaultValue == nil { 1068 return 1069 } 1070 if canHaveDefaultValue(v.Kind()) { 1071 v.SetInt(*params.defaultValue) 1072 } 1073 return 1074} 1075 1076// Unmarshal parses the DER-encoded ASN.1 data structure b 1077// and uses the reflect package to fill in an arbitrary value pointed at by val. 1078// Because Unmarshal uses the reflect package, the structs 1079// being written to must use upper case field names. 1080// 1081// An ASN.1 INTEGER can be written to an int, int32, int64, 1082// or *big.Int (from the math/big package). 1083// If the encoded value does not fit in the Go type, 1084// Unmarshal returns a parse error. 1085// 1086// An ASN.1 BIT STRING can be written to a BitString. 1087// 1088// An ASN.1 OCTET STRING can be written to a []byte. 1089// 1090// An ASN.1 OBJECT IDENTIFIER can be written to an 1091// ObjectIdentifier. 1092// 1093// An ASN.1 ENUMERATED can be written to an Enumerated. 1094// 1095// An ASN.1 UTCTIME or GENERALIZEDTIME can be written to a time.Time. 1096// 1097// An ASN.1 PrintableString, IA5String, or NumericString can be written to a string. 1098// 1099// Any of the above ASN.1 values can be written to an interface{}. 1100// The value stored in the interface has the corresponding Go type. 1101// For integers, that type is int64. 1102// 1103// An ASN.1 SEQUENCE OF x or SET OF x can be written 1104// to a slice if an x can be written to the slice's element type. 1105// 1106// An ASN.1 SEQUENCE or SET can be written to a struct 1107// if each of the elements in the sequence can be 1108// written to the corresponding element in the struct. 1109// 1110// The following tags on struct fields have special meaning to Unmarshal: 1111// 1112// application specifies that an APPLICATION tag is used 1113// default:x sets the default value for optional integer fields (only used if optional is also present) 1114// explicit specifies that an additional, explicit tag wraps the implicit one 1115// optional marks the field as ASN.1 OPTIONAL 1116// set causes a SET, rather than a SEQUENCE type to be expected 1117// tag:x specifies the ASN.1 tag number; implies ASN.1 CONTEXT SPECIFIC 1118// 1119// If the type of the first field of a structure is RawContent then the raw 1120// ASN1 contents of the struct will be stored in it. 1121// 1122// If the type name of a slice element ends with "SET" then it's treated as if 1123// the "set" tag was set on it. This can be used with nested slices where a 1124// struct tag cannot be given. 1125// 1126// Other ASN.1 types are not supported; if it encounters them, 1127// Unmarshal returns a parse error. 1128func Unmarshal(b []byte, val interface{}) (rest []byte, err error) { 1129 return UnmarshalWithParams(b, val, "") 1130} 1131 1132// UnmarshalWithParams allows field parameters to be specified for the 1133// top-level element. The form of the params is the same as the field tags. 1134func UnmarshalWithParams(b []byte, val interface{}, params string) (rest []byte, err error) { 1135 v := reflect.ValueOf(val).Elem() 1136 offset, err := parseField(v, b, 0, parseFieldParameters(params)) 1137 if err != nil { 1138 return nil, err 1139 } 1140 return b[offset:], nil 1141} 1142