From b421a7cf2a7e2efa899f19d987ced5817a48f889 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 13 Mar 2021 23:13:05 +0200
Subject: [PATCH] ASN.1: Use the helper functions for recognizing tags and
 debug prints

Simplify the core ASN.1 parser implementation by using the helper
functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/tls/asn1.c | 33 +++++++++++++--------------------
 1 file changed, 13 insertions(+), 20 deletions(-)

diff --git a/src/tls/asn1.c b/src/tls/asn1.c
index 970f680c1..d4611edaf 100644
--- a/src/tls/asn1.c
+++ b/src/tls/asn1.c
@@ -205,7 +205,11 @@ int asn1_get_next(const u8 *buf, size_t len, struct asn1_hdr *hdr)
 
 	hdr->payload = pos;
 
-	return asn1_valid_der(hdr) ? 0 : -1;
+	if (!asn1_valid_der(hdr)) {
+		asn1_print_hdr(hdr, "ASN.1: Invalid DER encoding: ");
+		return -1;
+	}
+	return 0;
 }
 
 
@@ -272,12 +276,9 @@ int asn1_get_oid(const u8 *buf, size_t len, struct asn1_oid *oid,
 {
 	struct asn1_hdr hdr;
 
-	if (asn1_get_next(buf, len, &hdr) < 0 || hdr.length == 0)
-		return -1;
-
-	if (hdr.class != ASN1_CLASS_UNIVERSAL || hdr.tag != ASN1_TAG_OID) {
-		wpa_printf(MSG_DEBUG, "ASN.1: Expected OID - found class %d "
-			   "tag 0x%x", hdr.class, hdr.tag);
+	if (asn1_get_next(buf, len, &hdr) < 0 || hdr.length == 0 ||
+	    !asn1_is_oid(&hdr)) {
+		asn1_unexpected(&hdr, "ASN.1: Expected OID");
 		return -1;
 	}
 
@@ -376,13 +377,9 @@ int asn1_get_integer(const u8 *buf, size_t len, int *integer, const u8 **next)
 	const u8 *pos;
 	int value;
 
-	if (asn1_get_next(buf, len, &hdr) < 0 || hdr.length == 0)
-		return -1;
-
-	if (hdr.class != ASN1_CLASS_UNIVERSAL || hdr.tag != ASN1_TAG_INTEGER) {
-		wpa_printf(MSG_DEBUG,
-			   "ASN.1: Expected INTEGER - found class %d tag 0x%x",
-			   hdr.class, hdr.tag);
+	if (asn1_get_next(buf, len, &hdr) < 0 || hdr.length == 0 ||
+	    !asn1_is_integer(&hdr)) {
+		asn1_unexpected(&hdr, "ASN.1: Expected INTEGER");
 		return -1;
 	}
 
@@ -409,12 +406,8 @@ int asn1_get_integer(const u8 *buf, size_t len, int *integer, const u8 **next)
 int asn1_get_sequence(const u8 *buf, size_t len, struct asn1_hdr *hdr,
 		      const u8 **next)
 {
-	if (asn1_get_next(buf, len, hdr) < 0 ||
-	    hdr->class != ASN1_CLASS_UNIVERSAL ||
-	    hdr->tag != ASN1_TAG_SEQUENCE) {
-		wpa_printf(MSG_DEBUG,
-			   "ASN.1: Expected SEQUENCE - found class %d tag 0x%x",
-			   hdr->class, hdr->tag);
+	if (asn1_get_next(buf, len, hdr) < 0 || !asn1_is_sequence(hdr)) {
+		asn1_unexpected(hdr, "ASN.1: Expected SEQUENCE");
 		return -1;
 	}