# HG changeset patch # User František Kučera # Date 1626541102 -7200 # Node ID 13aa7280ac7b45786850ee21fdf663faed424278 # Parent 00d76921c54790127a8d9a053d5f36d3c4914bce parse encapsulated structures (octet string or bit string containing valid ASN.1): add ValidatingASN1ContentHandler → avoid at least some false positives diff -r 00d76921c547 -r 13aa7280ac7b nbproject/configurations.xml --- a/nbproject/configurations.xml Sat Jul 17 18:13:27 2021 +0200 +++ b/nbproject/configurations.xml Sat Jul 17 18:58:22 2021 +0200 @@ -52,6 +52,7 @@ GenericASN1ContentHandler.h ProxyVector.h TransactionalBuffer.h + ValidatingASN1ContentHandler.h XMLContentHandler.h XMLDocumentConstructor.h @@ -138,6 +139,11 @@ + + @@ -205,6 +211,11 @@ + + diff -r 00d76921c547 -r 13aa7280ac7b src/lib/BasicASN1Reader.h --- a/src/lib/BasicASN1Reader.h Sat Jul 17 18:13:27 2021 +0200 +++ b/src/lib/BasicASN1Reader.h Sat Jul 17 18:58:22 2021 +0200 @@ -23,6 +23,7 @@ #include #include "ASN1Reader.h" +#include "ValidatingASN1ContentHandler.h" namespace relpipe { namespace in { @@ -284,6 +285,8 @@ bool isValidBER(const std::string& input) { BasicASN1Reader encapsulatedReader; + std::shared_ptr validatingHandler = std::make_shared(); + encapsulatedReader.addHandler(validatingHandler); try { encapsulatedReader.write((const uint8_t*) input.c_str(), input.size()); encapsulatedReader.close(); diff -r 00d76921c547 -r 13aa7280ac7b src/lib/ValidatingASN1ContentHandler.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/lib/ValidatingASN1ContentHandler.h Sat Jul 17 18:58:22 2021 +0200 @@ -0,0 +1,102 @@ +/** + * Relational pipes + * Copyright © 2021 František Kučera (Frantovo.cz, GlobalCode.info) + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, version 3 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +#pragma once + +#include +#include + +#include "ASN1ContentHandler.h" + +namespace relpipe { +namespace in { +namespace asn1 { +namespace lib { + +/** + * Does not generate any output but enforces certain rules (related to stream and collection start/end). + * When invalid behavior occurs, an exception is thrown. + * + */ +class ValidatingASN1ContentHandler : public ASN1ContentHandler { +private: + bool streamOpened = false; + bool streamClosed = false; + size_t collectionLevel = 0; +public: + + virtual void writeStreamStart() { + if (streamOpened) throw std::logic_error("ValidatingASN1ContentHandler: tried to open the stream twice"); // TODO: better exception + if (streamClosed) throw std::logic_error("ValidatingASN1ContentHandler: tried to open the stream that was already closed"); // TODO: better exception + streamOpened = true; + } + + virtual void writeStreamEnd() { + if (streamClosed) throw std::logic_error("ValidatingASN1ContentHandler: tried to close the stream twice"); // TODO: better exception + if (!streamOpened) throw std::logic_error("ValidatingASN1ContentHandler: tried to close a stream that was already closed or never opened"); // TODO: better exception + if (collectionLevel != 0) throw std::logic_error("ValidatingASN1ContentHandler: not all opened collections was closed – remaining: " + std::to_string(collectionLevel)); // TODO: better exception + streamClosed = true; + } + + virtual void writeCollectionStart(const Header& header) { + if (!streamOpened) throw std::logic_error("ValidatingASN1ContentHandler: tried to open a collection while the stream was not opened"); // TODO: better exception + if (streamClosed) throw std::logic_error("ValidatingASN1ContentHandler: tried to open a collection while the stream was already closed"); // TODO: better exception + collectionLevel++; + } + + virtual void writeCollectionEnd() { + if (streamClosed) throw std::logic_error("ValidatingASN1ContentHandler: tried to close a collection while the stream was already closed"); // TODO: better exception + if (collectionLevel == 0) throw std::logic_error("ValidatingASN1ContentHandler: tried to close a collection while none was opened"); // TODO: better exception + collectionLevel--; + } + + virtual void finalCheck() { + if (!streamOpened) throw std::logic_error("ValidatingASN1ContentHandler: the stream was not opened at all"); // TODO: better exception + if (!streamClosed) throw std::logic_error("ValidatingASN1ContentHandler: the stream was opened but not closed"); // TODO: better exception + } + + // These events are intentionally ignored: + + void writeBitString(const Header& header, std::vector value) override { + } + + void writeBoolean(const Header& header, bool value) override { + } + + void writeDateTime(const Header& header, DateTime value) override { + } + + void writeInteger(const Header& header, Integer value) override { + } + + void writeNull(const Header& header) override { + } + + void writeOID(const Header& header, ObjectIdentifier value) override { + } + + void writeOctetString(const Header& header, std::string value) override { + } + + void writeTextString(const Header& header, std::string value) override { + } + +}; + +} +} +} +}