palemoon-dev/platform/security/nss/lib/util/secasn1e.c

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished
 * Encoding Rules).
 */

#include "secasn1.h"

typedef enum {
    beforeHeader,
    duringContents,
    duringGroup,
    duringSequence,
    afterContents,
    afterImplicit,
    afterInline,
    afterPointer,
    afterChoice,
    notInUse
} sec_asn1e_parse_place;

typedef enum {
    allDone,
    encodeError,
    keepGoing,
    needBytes
} sec_asn1e_parse_status;

typedef enum {
    hdr_normal = 0,     /* encode header normally */
    hdr_any = 1,        /* header already encoded in content */
    hdr_decoder = 2,    /* template only used by decoder. skip it. */
    hdr_optional = 3,   /* optional component, to be omitted */
    hdr_placeholder = 4 /* place holder for from_buf content */
} sec_asn1e_hdr_encoding;

typedef struct sec_asn1e_state_struct {
    SEC_ASN1EncoderContext *top;
    const SEC_ASN1Template *theTemplate;
    void *src;

    struct sec_asn1e_state_struct *parent; /* aka prev */
    struct sec_asn1e_state_struct *child;  /* aka next */

    sec_asn1e_parse_place place; /* where we are in encoding process */

    /*
     * XXX explain the next fields as clearly as possible...
     */
    unsigned char tag_modifiers;
    unsigned char tag_number;
    unsigned long underlying_kind;

    int depth;

    PRBool isExplicit,     /* we are handling an isExplicit header */
        indefinite,        /* need end-of-contents */
        is_string,         /* encoding a simple string or an ANY */
        may_stream,        /* when streaming, do indefinite encoding */
        optional,          /* omit field if it has no contents */
        disallowStreaming; /* disallow streaming in all sub-templates */
} sec_asn1e_state;

/*
 * An "outsider" will have an opaque pointer to this, created by calling
 * SEC_ASN1EncoderStart().  It will be passed back in to all subsequent
 * calls to SEC_ASN1EncoderUpdate() and related routines, and when done
 * it is passed to SEC_ASN1EncoderFinish().
 */
struct sec_EncoderContext_struct {
    PLArenaPool *our_pool; /* for our internal allocs */

    sec_asn1e_state *current;
    sec_asn1e_parse_status status;

    PRBool streaming;
    PRBool from_buf;

    SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */
    void *notify_arg;               /* argument to notify_proc */
    PRBool during_notify;           /* true during call to notify_proc */

    SEC_ASN1WriteProc output_proc; /* pass encoded bytes to this  */
    void *output_arg;              /* argument to that function */
};

static sec_asn1e_state *
sec_asn1e_push_state(SEC_ASN1EncoderContext *cx,
                     const SEC_ASN1Template *theTemplate,
                     const void *src, PRBool new_depth)
{
    sec_asn1e_state *state, *new_state;

    state = cx->current;

    new_state = (sec_asn1e_state *)PORT_ArenaZAlloc(cx->our_pool,
                                                    sizeof(*new_state));
    if (new_state == NULL) {
        cx->status = encodeError;
        return NULL;
    }

    new_state->top = cx;
    new_state->parent = state;
    new_state->theTemplate = theTemplate;
    new_state->place = notInUse;
    if (src != NULL)
        new_state->src = (char *)src + theTemplate->offset;

    if (state != NULL) {
        new_state->depth = state->depth;
        if (new_depth)
            new_state->depth++;
        state->child = new_state;
    }

    cx->current = new_state;
    return new_state;
}

static void
sec_asn1e_scrub_state(sec_asn1e_state *state)
{
    /*
     * Some default "scrubbing".
     * XXX right set of initializations?
     */
    state->place = beforeHeader;
    state->indefinite = PR_FALSE;
}

static void
sec_asn1e_notify_before(SEC_ASN1EncoderContext *cx, void *src, int depth)
{
    if (cx->notify_proc == NULL)
        return;

    cx->during_notify = PR_TRUE;
    (*cx->notify_proc)(cx->notify_arg, PR_TRUE, src, depth);
    cx->during_notify = PR_FALSE;
}

static void
sec_asn1e_notify_after(SEC_ASN1EncoderContext *cx, void *src, int depth)
{
    if (cx->notify_proc == NULL)
        return;

    cx->during_notify = PR_TRUE;
    (*cx->notify_proc)(cx->notify_arg, PR_FALSE, src, depth);
    cx->during_notify = PR_FALSE;
}

static sec_asn1e_state *
sec_asn1e_init_state_based_on_template(sec_asn1e_state *state)
{
    PRBool isExplicit, is_string, may_stream, optional, universal;
    PRBool disallowStreaming;
    unsigned char tag_modifiers;
    unsigned long encode_kind, under_kind;
    unsigned long tag_number;
    PRBool isInline = PR_FALSE;

    encode_kind = state->theTemplate->kind;

    universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
                    ? PR_TRUE
                    : PR_FALSE;

    isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
    encode_kind &= ~SEC_ASN1_EXPLICIT;

    optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
    encode_kind &= ~SEC_ASN1_OPTIONAL;

    PORT_Assert(!(isExplicit && universal)); /* bad templates */

    may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
    encode_kind &= ~SEC_ASN1_MAY_STREAM;

    disallowStreaming = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE;
    encode_kind &= ~SEC_ASN1_NO_STREAM;

    /* Just clear this to get it out of the way; we do not need it here */
    encode_kind &= ~SEC_ASN1_DYNAMIC;

    if (encode_kind & SEC_ASN1_CHOICE) {
        under_kind = SEC_ASN1_CHOICE;
    } else if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) ||
               (!universal && !isExplicit)) {
        const SEC_ASN1Template *subt;
        void *src = NULL;

        PORT_Assert((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);

        sec_asn1e_scrub_state(state);

        if (encode_kind & SEC_ASN1_POINTER) {
            src = *(void **)state->src;
            state->place = afterPointer;

            if (src == NULL) {
                /*
                 * If this is optional, but NULL, then the field does
                 * not need to be encoded.  In this case we are done;
                 * we do not want to push a subtemplate.
                 */
                if (optional)
                    return state;

                /*
                 * XXX this is an error; need to figure out
                 * how to handle this
                 */
            }
        } else {
            src = state->src;
            if (encode_kind & SEC_ASN1_INLINE) {
                /* check that there are no extraneous bits */
                /* PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional); */
                state->place = afterInline;
                isInline = PR_TRUE;
            } else {
                /*
                 * Save the tag modifiers and tag number here before moving
                 * on to the next state in case this is a member of a
                 * SEQUENCE OF
                 */
                state->tag_modifiers = (unsigned char)(encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK));
                state->tag_number = (unsigned char)(encode_kind & SEC_ASN1_TAGNUM_MASK);

                state->place = afterImplicit;
                state->optional = optional;
            }
        }

        subt = SEC_ASN1GetSubtemplate(state->theTemplate, state->src, PR_TRUE);
        if (isInline && optional) {
            /* we only handle a very limited set of optional inline cases at
               this time */
            if (PR_FALSE != SEC_ASN1IsTemplateSimple(subt)) {
                /* we now know that the target is a SECItem*, so we can check
                   if the source contains one */
                SECItem *target = (SECItem *)state->src;
                if (!target || !target->data || !target->len) {
                    /* no valid data to encode subtemplate */
                    return state;
                }
            } else {
                PORT_Assert(0); /* complex templates are not handled as
                                   inline optional */
            }
        }
        state = sec_asn1e_push_state(state->top, subt, src, PR_FALSE);
        if (state == NULL)
            return state;

        if (universal) {
            /*
             * This is a POINTER or INLINE; just init based on that
             * and we are done.
             */
            return sec_asn1e_init_state_based_on_template(state);
        }

        /*
         * This is an implicit, non-universal (meaning, application-private
         * or context-specific) field.  This results in a "magic" tag but
         * encoding based on the underlying type.  We pushed a new state
         * that is based on the subtemplate (the underlying type), but
         * now we will sort of alias it to give it some of our properties
         * (tag, optional status, etc.).
         *
         * NB: ALL the following flags in the subtemplate are disallowed
         *     and/or ignored: EXPLICIT, OPTIONAL, INNER, INLINE, POINTER.
         */

        under_kind = state->theTemplate->kind;
        if ((under_kind & SEC_ASN1_MAY_STREAM) && !disallowStreaming) {
            may_stream = PR_TRUE;
        }
        under_kind &= ~(SEC_ASN1_MAY_STREAM | SEC_ASN1_DYNAMIC);
    } else {
        under_kind = encode_kind;
    }

/*
     * Sanity check that there are no unwanted bits marked in under_kind.
     * These bits were either removed above (after we recorded them) or
     * they simply should not be found (signalling a bad/broken template).
     * XXX is this the right set of bits to test here? (i.e. need to add
     * or remove any?)
     */
#define UNEXPECTED_FLAGS                                                      \
    (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_SKIP | SEC_ASN1_INNER | \
     SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_INLINE | SEC_ASN1_POINTER)

    PORT_Assert((under_kind & UNEXPECTED_FLAGS) == 0);
    under_kind &= ~UNEXPECTED_FLAGS;
#undef UNEXPECTED_FLAGS

    if (encode_kind & SEC_ASN1_ANY) {
        PORT_Assert(encode_kind == under_kind);
        tag_modifiers = 0;
        tag_number = 0;
        is_string = PR_TRUE;
    } else {
        tag_modifiers = (unsigned char)(encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK));
        /*
         * XXX This assumes only single-octet identifiers.  To handle
         * the HIGH TAG form we would need to do some more work, especially
         * in how to specify them in the template, because right now we
         * do not provide a way to specify more *tag* bits in encode_kind.
         */
        tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;

        is_string = PR_FALSE;
        switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
            case SEC_ASN1_SET:
                /*
                 * XXX A plain old SET (as opposed to a SET OF) is not implemented.
                 * If it ever is, remove this assert...
                 */
                PORT_Assert((under_kind & SEC_ASN1_GROUP) != 0);
            /* fallthru */
            case SEC_ASN1_SEQUENCE:
                tag_modifiers |= SEC_ASN1_CONSTRUCTED;
                break;
            case SEC_ASN1_BIT_STRING:
            case SEC_ASN1_BMP_STRING:
            case SEC_ASN1_GENERALIZED_TIME:
            case SEC_ASN1_IA5_STRING:
            case SEC_ASN1_OCTET_STRING:
            case SEC_ASN1_PRINTABLE_STRING:
            case SEC_ASN1_T61_STRING:
            case SEC_ASN1_UNIVERSAL_STRING:
            case SEC_ASN1_UTC_TIME:
            case SEC_ASN1_UTF8_STRING:
            case SEC_ASN1_VISIBLE_STRING:
                /*
                 * We do not yet know if we will be constructing the string,
                 * so we have to wait to do this final tag modification.
                 */
                is_string = PR_TRUE;
                break;
        }
    }

    state->tag_modifiers = tag_modifiers;
    state->tag_number = (unsigned char)tag_number;
    state->underlying_kind = under_kind;
    state->isExplicit = isExplicit;
    state->may_stream = may_stream;
    state->is_string = is_string;
    state->optional = optional;
    state->disallowStreaming = disallowStreaming;

    sec_asn1e_scrub_state(state);

    return state;
}

static void
sec_asn1e_write_part(sec_asn1e_state *state,
                     const char *buf, unsigned long len,
                     SEC_ASN1EncodingPart part)
{
    SEC_ASN1EncoderContext *cx;

    cx = state->top;
    (*cx->output_proc)(cx->output_arg, buf, len, state->depth, part);
}

/*
 * XXX This assumes only single-octet identifiers.  To handle
 * the HIGH TAG form we would need to modify this interface and
 * teach it to properly encode the special form.
 */
static void
sec_asn1e_write_identifier_bytes(sec_asn1e_state *state, unsigned char value)
{
    char byte;

    byte = (char)value;
    sec_asn1e_write_part(state, &byte, 1, SEC_ASN1_Identifier);
}

int
SEC_ASN1EncodeLength(unsigned char *buf, int value)
{
    int lenlen;

    lenlen = SEC_ASN1LengthLength(value);
    if (lenlen == 1) {
        buf[0] = value;
    } else {
        int i;

        i = lenlen - 1;
        buf[0] = 0x80 | i;
        while (i) {
            buf[i--] = value;
            value >>= 8;
        }
        PORT_Assert(value == 0);
    }
    return lenlen;
}

static void
sec_asn1e_write_length_bytes(sec_asn1e_state *state, unsigned long value,
                             PRBool indefinite)
{
    int lenlen;
    unsigned char buf[sizeof(unsigned long) + 1];

    if (indefinite) {
        PORT_Assert(value == 0);
        buf[0] = 0x80;
        lenlen = 1;
    } else {
        lenlen = SEC_ASN1EncodeLength(buf, value);
    }

    sec_asn1e_write_part(state, (char *)buf, lenlen, SEC_ASN1_Length);
}

static void
sec_asn1e_write_contents_bytes(sec_asn1e_state *state,
                               const char *buf, unsigned long len)
{
    sec_asn1e_write_part(state, buf, len, SEC_ASN1_Contents);
}

static void
sec_asn1e_write_end_of_contents_bytes(sec_asn1e_state *state)
{
    const char eoc[2] = { 0, 0 };

    sec_asn1e_write_part(state, eoc, 2, SEC_ASN1_EndOfContents);
}

static int
sec_asn1e_which_choice(
    void *src,
    const SEC_ASN1Template *theTemplate)
{
    int rv;
    unsigned int which = *(unsigned int *)src;

    for (rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++) {
        if (which == theTemplate->size) {
            return rv;
        }
    }

    return 0;
}

static unsigned long
sec_asn1e_contents_length(const SEC_ASN1Template *theTemplate, void *src,
                          PRBool disallowStreaming, PRBool insideIndefinite,
                          sec_asn1e_hdr_encoding *pHdrException)
{
    unsigned long encode_kind, underlying_kind;
    PRBool isExplicit, optional, universal, may_stream;
    unsigned long len;

    /*
     * This function currently calculates the length in all cases
     * except the following: when writing out the contents of a
     * template that belongs to a state where it was a sub-template
     * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the
     * optional bit set.  The information that the parent is optional
     * and that we should return the length of 0 when that length is
     * present since that means the optional field is no longer present.
     * So we add the disallowStreaming flag which is passed in when
     * writing the contents, but for all recursive calls to
     * sec_asn1e_contents_length, we pass PR_FALSE, because this
     * function correctly calculates the length for children templates
     * from that point on.  Confused yet?  At least you didn't have
     * to figure it out.  ;)  -javi
     */
    encode_kind = theTemplate->kind;

    universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
                    ? PR_TRUE
                    : PR_FALSE;

    isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
    encode_kind &= ~SEC_ASN1_EXPLICIT;

    optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
    encode_kind &= ~SEC_ASN1_OPTIONAL;

    PORT_Assert(!(isExplicit && universal)); /* bad templates */

    may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
    encode_kind &= ~SEC_ASN1_MAY_STREAM;

    /* Just clear this to get it out of the way; we do not need it here */
    encode_kind &= ~SEC_ASN1_DYNAMIC;

    if (encode_kind & SEC_ASN1_NO_STREAM) {
        disallowStreaming = PR_TRUE;
    }
    encode_kind &= ~SEC_ASN1_NO_STREAM;

    if (encode_kind & SEC_ASN1_CHOICE) {
        void *src2;
        int indx = sec_asn1e_which_choice(src, theTemplate);
        if (0 == indx) {
            /* XXX set an error? "choice not found" */
            /* state->top->status = encodeError; */
            return 0;
        }

        src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset);

        return sec_asn1e_contents_length(&theTemplate[indx], src2,
                                         disallowStreaming, insideIndefinite,
                                         pHdrException);
    }

    if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) {
        /* XXX any bits we want to disallow (PORT_Assert against) here? */
        theTemplate = SEC_ASN1GetSubtemplate(theTemplate, src, PR_TRUE);
        if (encode_kind & SEC_ASN1_POINTER) {
            src = *(void **)src;
            if (src == NULL) {
                *pHdrException = optional ? hdr_optional : hdr_normal;
                return 0;
            }
        } else if (encode_kind & SEC_ASN1_INLINE) {
            /* check that there are no extraneous bits */
            if (optional) {
                if (PR_FALSE != SEC_ASN1IsTemplateSimple(theTemplate)) {
                    /* we now know that the target is a SECItem*, so we can check
                       if the source contains one */
                    SECItem *target = (SECItem *)src;
                    if (!target || !target->data || !target->len) {
                        /* no valid data to encode subtemplate */
                        *pHdrException = hdr_optional;
                        return 0;
                    }
                } else {
                    PORT_Assert(0); /* complex templates not handled as inline
                                       optional */
                }
            }
        }

        src = (char *)src + theTemplate->offset;

        /* recurse to find the length of the subtemplate */
        len = sec_asn1e_contents_length(theTemplate, src, disallowStreaming,
                                        insideIndefinite, pHdrException);
        if (len == 0 && optional) {
            *pHdrException = hdr_optional;
        } else if (isExplicit) {
            if (*pHdrException == hdr_any) {
                /* *we* do not want to add in a header,
                ** but our caller still does.
                */
                *pHdrException = hdr_normal;
            } else if (*pHdrException == hdr_normal) {
                /* if the inner content exists, our length is
                 * len(identifier) + len(length) + len(innercontent)
                 * XXX we currently assume len(identifier) == 1;
                 * to support a high-tag-number this would need to be smarter.
                 */
                len += 1 + SEC_ASN1LengthLength(len);
            }
        }
        return len;
    }
    underlying_kind = encode_kind;

    /* This is only used in decoding; it plays no part in encoding.  */
    if (underlying_kind & SEC_ASN1_SAVE) {
        /* check that there are no extraneous bits */
        PORT_Assert(underlying_kind == SEC_ASN1_SAVE);
        *pHdrException = hdr_decoder;
        return 0;
    }

#define UNEXPECTED_FLAGS                                                          \
    (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_INLINE | SEC_ASN1_POINTER | \
     SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_SAVE | SEC_ASN1_SKIP)

    /* Having any of these bits is not expected here...  */
    PORT_Assert((underlying_kind & UNEXPECTED_FLAGS) == 0);
    underlying_kind &= ~UNEXPECTED_FLAGS;
#undef UNEXPECTED_FLAGS

    if (underlying_kind & SEC_ASN1_CHOICE) {
        void *src2;
        int indx = sec_asn1e_which_choice(src, theTemplate);
        if (0 == indx) {
            /* XXX set an error? "choice not found" */
            /* state->top->status = encodeError; */
            return 0;
        }

        src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset);
        len = sec_asn1e_contents_length(&theTemplate[indx], src2,
                                        disallowStreaming, insideIndefinite,
                                        pHdrException);
    } else {
        switch (underlying_kind) {
            case SEC_ASN1_SEQUENCE_OF:
            case SEC_ASN1_SET_OF: {
                const SEC_ASN1Template *tmpt;
                void *sub_src;
                unsigned long sub_len;
                void **group;

                len = 0;

                group = *(void ***)src;
                if (group == NULL)
                    break;

                tmpt = SEC_ASN1GetSubtemplate(theTemplate, src, PR_TRUE);

                for (; *group != NULL; group++) {
                    sub_src = (char *)(*group) + tmpt->offset;
                    sub_len = sec_asn1e_contents_length(tmpt, sub_src,
                                                        disallowStreaming,
                                                        insideIndefinite,
                                                        pHdrException);
                    len += sub_len;
                    /*
                     * XXX The 1 below is the presumed length of the identifier;
                     * to support a high-tag-number this would need to be smarter.
                     */
                    if (*pHdrException == hdr_normal)
                        len += 1 + SEC_ASN1LengthLength(sub_len);
                }
            } break;

            case SEC_ASN1_SEQUENCE:
            case SEC_ASN1_SET: {
                const SEC_ASN1Template *tmpt;
                void *sub_src;
                unsigned long sub_len;

                len = 0;
                for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) {
                    sub_src = (char *)src + tmpt->offset;
                    sub_len = sec_asn1e_contents_length(tmpt, sub_src,
                                                        disallowStreaming,
                                                        insideIndefinite,
                                                        pHdrException);
                    len += sub_len;
                    /*
                     * XXX The 1 below is the presumed length of the identifier;
                     * to support a high-tag-number this would need to be smarter.
                     */
                    if (*pHdrException == hdr_normal)
                        len += 1 + SEC_ASN1LengthLength(sub_len);
                }
            } break;

            case SEC_ASN1_BIT_STRING:
                /* convert bit length to byte */
                len = (((SECItem *)src)->len + 7) >> 3;
                /* bit string contents involve an extra octet */
                if (len)
                    len++;
                break;

            case SEC_ASN1_INTEGER:
                /* ASN.1 INTEGERs are signed.
                 * If the source is an unsigned integer, the encoder will need
                 * to handle the conversion here.
                 */
                {
                    unsigned char *buf = ((SECItem *)src)->data;
                    SECItemType integerType = ((SECItem *)src)->type;
                    len = ((SECItem *)src)->len;
                    while (len > 0) {
                        if (*buf != 0) {
                            if (*buf & 0x80 && integerType == siUnsignedInteger) {
                                len++; /* leading zero needed to make number signed */
                            }
                            break; /* reached beginning of number */
                        }
                        if (len == 1) {
                            break; /* the number 0 */
                        }
                        if (buf[1] & 0x80) {
                            break; /* leading zero already present */
                        }
                        /* extraneous leading zero, keep going */
                        buf++;
                        len--;
                    }
                }
                break;

            default:
                len = ((SECItem *)src)->len;
                break;
        } /* end switch */

#ifndef WHAT_PROBLEM_DOES_THIS_SOLVE
        /* if we're streaming, we may have a secitem w/len 0 as placeholder */
        if (!len && insideIndefinite && may_stream && !disallowStreaming) {
            len = 1;
        }
#endif
    } /* end else */

    if (len == 0 && optional)
        *pHdrException = hdr_optional;
    else if (underlying_kind == SEC_ASN1_ANY)
        *pHdrException = hdr_any;
    else
        *pHdrException = hdr_normal;

    return len;
}

static void
sec_asn1e_write_header(sec_asn1e_state *state)
{
    unsigned long contents_length;
    unsigned char tag_number, tag_modifiers;
    sec_asn1e_hdr_encoding hdrException = hdr_normal;
    PRBool indefinite = PR_FALSE;

    PORT_Assert(state->place == beforeHeader);

    tag_number = state->tag_number;
    tag_modifiers = state->tag_modifiers;

    if (state->underlying_kind == SEC_ASN1_ANY) {
        state->place = duringContents;
        return;
    }

    if (state->underlying_kind & SEC_ASN1_CHOICE) {
        int indx = sec_asn1e_which_choice(state->src, state->theTemplate);
        if (0 == indx) {
            /* XXX set an error? "choice not found" */
            state->top->status = encodeError;
            return;
        }
        state->place = afterChoice;
        state = sec_asn1e_push_state(state->top, &state->theTemplate[indx],
                                     (char *)state->src - state->theTemplate->offset,
                                     PR_TRUE);
        if (state) {
            /*
             * Do the "before" field notification.
             */
            sec_asn1e_notify_before(state->top, state->src, state->depth);
            (void)sec_asn1e_init_state_based_on_template(state);
        }
        return;
    }

    /* The !isString test below is apparently intended to ensure that all
    ** constructed types receive indefinite length encoding.
    */
    indefinite = (PRBool)(state->top->streaming && state->may_stream &&
                          (state->top->from_buf || !state->is_string));

    /*
     * If we are doing a definite-length encoding, first we have to
     * walk the data structure to calculate the entire contents length.
     * If we are doing an indefinite-length encoding, we still need to
     * know if the contents is:
     *    optional and to be omitted, or
     *    an ANY (header is pre-encoded), or
     *    a SAVE or some other kind of template used only by the decoder.
     * So, we call this function either way.
     */
    contents_length = sec_asn1e_contents_length(state->theTemplate,
                                                state->src,
                                                state->disallowStreaming,
                                                indefinite,
                                                &hdrException);
    /*
     * We might be told explicitly not to put out a header.
     * But it can also be the case, via a pushed subtemplate, that
     * sec_asn1e_contents_length could not know that this field is
     * really optional.  So check for that explicitly, too.
     */
    if (hdrException != hdr_normal ||
        (contents_length == 0 && state->optional)) {
        state->place = afterContents;
        if (state->top->streaming &&
            state->may_stream &&
            state->top->from_buf) {
            /* we did not find an optional indefinite string, so we
             * don't encode it.  However, if TakeFromBuf is on, we stop
             * here anyway to give our caller a chance to intercept at the
             * same point where we would stop if the field were present.
             */
            state->top->status = needBytes;
        }
        return;
    }

    if (indefinite) {
        /*
         * We need to put out an indefinite-length encoding.
         * The only universal types that can be constructed are SETs,
         * SEQUENCEs, and strings; so check that it is one of those,
         * or that it is not universal (e.g. context-specific).
         */
        state->indefinite = PR_TRUE;
        PORT_Assert((tag_number == SEC_ASN1_SET) || (tag_number == SEC_ASN1_SEQUENCE) || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0) || state->is_string);
        tag_modifiers |= SEC_ASN1_CONSTRUCTED;
        contents_length = 0;
    }

    sec_asn1e_write_identifier_bytes(state,
                                     (unsigned char)(tag_number | tag_modifiers));
    sec_asn1e_write_length_bytes(state, contents_length, state->indefinite);

    if (contents_length == 0 && !state->indefinite) {
        /*
         * If no real contents to encode, then we are done with this field.
         */
        state->place = afterContents;
        return;
    }

    /*
     * An EXPLICIT is nothing but an outer header, which we have already
     * written.  Now we need to do the inner header and contents.
     */
    if (state->isExplicit) {
        const SEC_ASN1Template *subt =
            SEC_ASN1GetSubtemplate(state->theTemplate, state->src, PR_TRUE);
        state->place = afterContents;
        state = sec_asn1e_push_state(state->top, subt, state->src, PR_TRUE);
        if (state != NULL) {
            (void)sec_asn1e_init_state_based_on_template(state);
        }
        return;
    }

    switch (state->underlying_kind) {
        case SEC_ASN1_SET_OF:
        case SEC_ASN1_SEQUENCE_OF:
            /*
             * We need to push a child to handle each member.
             */
            {
                void **group;
                const SEC_ASN1Template *subt;

                group = *(void ***)state->src;
                if (group == NULL || *group == NULL) {
                    /*
                     * Group is empty; we are done.
                     */
                    state->place = afterContents;
                    return;
                }
                state->place = duringGroup;
                subt = SEC_ASN1GetSubtemplate(state->theTemplate, state->src,
                                              PR_TRUE);
                state = sec_asn1e_push_state(state->top, subt, *group, PR_TRUE);
                if (state != NULL) {
                    (void)sec_asn1e_init_state_based_on_template(state);
                }
            }
            break;

        case SEC_ASN1_SEQUENCE:
        case SEC_ASN1_SET:
            /*
             * We need to push a child to handle the individual fields.
             */
            state->place = duringSequence;
            state = sec_asn1e_push_state(state->top, state->theTemplate + 1,
                                         state->src, PR_TRUE);
            if (state != NULL) {
                /*
                 * Do the "before" field notification.
                 */
                sec_asn1e_notify_before(state->top, state->src, state->depth);
                (void)sec_asn1e_init_state_based_on_template(state);
            }
            break;

        default:
            /*
             * I think we do not need to do anything else.
             * XXX Correct?
             */
            state->place = duringContents;
            break;
    }
}

static void
sec_asn1e_write_contents_from_buf(sec_asn1e_state *state,
                                  const char *buf, unsigned long len)
{
    PORT_Assert(state->place == duringContents);
    PORT_Assert(state->top->from_buf);
    PORT_Assert(state->may_stream && !state->disallowStreaming);

    /*
     * Probably they just turned on "take from buf", but have not
     * yet given us any bytes.  If there is nothing in the buffer
     * then we have nothing to do but return and wait.
     */
    if (buf == NULL || len == 0) {
        state->top->status = needBytes;
        return;
    }
    /*
     * We are streaming, reading from a passed-in buffer.
     * This means we are encoding a simple string or an ANY.
     * For the former, we need to put out a substring, with its
     * own identifier and length.  For an ANY, we just write it
     * out as is (our caller is required to ensure that it
     * is a properly encoded entity).
     */
    PORT_Assert(state->is_string); /* includes ANY */
    if (state->underlying_kind != SEC_ASN1_ANY) {
        unsigned char identifier;

        /*
         * Create the identifier based on underlying_kind.  We cannot
         * use tag_number and tag_modifiers because this can be an
         * implicitly encoded field.  In that case, the underlying
         * substrings *are* encoded with their real tag.
         */
        identifier = (unsigned char)(state->underlying_kind & SEC_ASN1_TAG_MASK);
        /*
         * The underlying kind should just be a simple string; there
         * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set.
         */
        PORT_Assert((identifier & SEC_ASN1_TAGNUM_MASK) == identifier);
        /*
         * Write out the tag and length for the substring.
         */
        sec_asn1e_write_identifier_bytes(state, identifier);
        if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
            char byte;
            /*
             * Assume we have a length in bytes but we need to output
             * a proper bit string.  This interface only works for bit
             * strings that are full multiples of 8.  If support for
             * real, variable length bit strings is needed then the
             * caller will have to know to pass in a bit length instead
             * of a byte length and then this code will have to
             * perform the encoding necessary (length written is length
             * in bytes plus 1, and the first octet of string is the
             * number of bits remaining between the end of the bit
             * string and the next byte boundary).
             */
            sec_asn1e_write_length_bytes(state, len + 1, PR_FALSE);
            byte = 0;
            sec_asn1e_write_contents_bytes(state, &byte, 1);
        } else {
            sec_asn1e_write_length_bytes(state, len, PR_FALSE);
        }
    }
    sec_asn1e_write_contents_bytes(state, buf, len);
    state->top->status = needBytes;
}

static void
sec_asn1e_write_contents(sec_asn1e_state *state)
{
    unsigned long len = 0;

    PORT_Assert(state->place == duringContents);

    switch (state->underlying_kind) {
        case SEC_ASN1_SET:
        case SEC_ASN1_SEQUENCE:
            PORT_Assert(0);
            break;

        case SEC_ASN1_BIT_STRING: {
            SECItem *item;
            char rem;

            item = (SECItem *)state->src;
            len = (item->len + 7) >> 3;
            rem = (unsigned char)((len << 3) - item->len); /* remaining bits */
            sec_asn1e_write_contents_bytes(state, &rem, 1);
            sec_asn1e_write_contents_bytes(state, (char *)item->data, len);
        } break;

        case SEC_ASN1_BMP_STRING:
            /* The number of bytes must be divisable by 2 */
            if ((((SECItem *)state->src)->len) % 2) {
                SEC_ASN1EncoderContext *cx;

                cx = state->top;
                cx->status = encodeError;
                break;
            }
            /* otherwise, fall through to write the content */
            goto process_string;

        case SEC_ASN1_UNIVERSAL_STRING:
            /* The number of bytes must be divisable by 4 */
            if ((((SECItem *)state->src)->len) % 4) {
                SEC_ASN1EncoderContext *cx;

                cx = state->top;
                cx->status = encodeError;
                break;
            }
            /* otherwise, fall through to write the content */
            goto process_string;

        case SEC_ASN1_INTEGER:
            /* ASN.1 INTEGERs are signed.  If the source is an unsigned
             * integer, the encoder will need to handle the conversion here.
             */
            {
                unsigned int blen;
                unsigned char *buf;
                SECItemType integerType;
                blen = ((SECItem *)state->src)->len;
                buf = ((SECItem *)state->src)->data;
                integerType = ((SECItem *)state->src)->type;
                while (blen > 0) {
                    if (*buf & 0x80 && integerType == siUnsignedInteger) {
                        char zero = 0; /* write a leading 0 */
                        sec_asn1e_write_contents_bytes(state, &zero, 1);
                        /* and then the remaining buffer */
                        sec_asn1e_write_contents_bytes(state,
                                                       (char *)buf, blen);
                        break;
                    }
                    /* Check three possibilities:
                     * 1.  No leading zeros, msb of MSB is not 1;
                     * 2.  The number is zero itself;
                     * 3.  Encoding a signed integer with a leading zero,
                     *     keep the zero so that the number is positive.
                     */
                    if (*buf != 0 ||
                        blen == 1 ||
                        (buf[1] & 0x80 && integerType != siUnsignedInteger)) {
                        sec_asn1e_write_contents_bytes(state,
                                                       (char *)buf, blen);
                        break;
                    }
                    /* byte is 0, continue */
                    buf++;
                    blen--;
                }
            }
            /* done with this content */
            break;

        process_string:
        default: {
            SECItem *item;

            item = (SECItem *)state->src;
            sec_asn1e_write_contents_bytes(state, (char *)item->data,
                                           item->len);
        } break;
    }
    state->place = afterContents;
}

/*
 * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
 */
static void
sec_asn1e_next_in_group(sec_asn1e_state *state)
{
    sec_asn1e_state *child;
    void **group;
    void *member;

    PORT_Assert(state->place == duringGroup);
    PORT_Assert(state->child != NULL);

    child = state->child;

    group = *(void ***)state->src;

    /*
     * Find placement of current item.
     */
    member = (char *)(state->child->src) - child->theTemplate->offset;
    while (*group != member)
        group++;

    /*
     * Move forward to next item.
     */
    group++;
    if (*group == NULL) {
        /*
         * That was our last one; we are done now.
         */
        child->place = notInUse;
        state->place = afterContents;
        return;
    }
    child->src = (char *)(*group) + child->theTemplate->offset;

    /*
     * Re-"push" child.
     */
    sec_asn1e_scrub_state(child);
    state->top->current = child;
}

/*
 * We are moving along through a sequence; move forward by one,
 * (detecting end-of-sequence when it happens).
 */
static void
sec_asn1e_next_in_sequence(sec_asn1e_state *state)
{
    sec_asn1e_state *child;

    PORT_Assert(state->place == duringSequence);
    PORT_Assert(state->child != NULL);

    child = state->child;

    /*
     * Do the "after" field notification.
     */
    sec_asn1e_notify_after(state->top, child->src, child->depth);

    /*
     * Move forward.
     */
    child->theTemplate++;
    if (child->theTemplate->kind == 0) {
        /*
         * We are done with this sequence.
         */
        child->place = notInUse;
        state->place = afterContents;
        return;
    }

    /*
     * Reset state and push.
     */

    child->src = (char *)state->src + child->theTemplate->offset;

    /*
     * Do the "before" field notification.
     */
    sec_asn1e_notify_before(state->top, child->src, child->depth);

    state->top->current = child;
    (void)sec_asn1e_init_state_based_on_template(child);
}

static void
sec_asn1e_after_contents(sec_asn1e_state *state)
{
    PORT_Assert(state->place == afterContents);

    if (state->indefinite)
        sec_asn1e_write_end_of_contents_bytes(state);

    /*
     * Just make my parent be the current state.  It will then clean
     * up after me and free me (or reuse me).
     */
    state->top->current = state->parent;
}

/*
 * This function is called whether or not we are streaming; if we
 * *are* streaming, our caller can also instruct us to take bytes
 * from the passed-in buffer (at buf, for length len, which is likely
 * bytes but could even mean bits if the current field is a bit string).
 * If we have been so instructed, we will gobble up bytes from there
 * (rather than from our src structure) and output them, and then
 * we will just return, expecting to be called again -- either with
 * more bytes or after our caller has instructed us that we are done
 * (for now) with the buffer.
 */
SECStatus
SEC_ASN1EncoderUpdate(SEC_ASN1EncoderContext *cx,
                      const char *buf, unsigned long len)
{
    sec_asn1e_state *state;

    if (cx->status == needBytes) {
        cx->status = keepGoing;
    }

    while (cx->status == keepGoing) {
        state = cx->current;
        switch (state->place) {
            case beforeHeader:
                sec_asn1e_write_header(state);
                break;
            case duringContents:
                if (cx->from_buf)
                    sec_asn1e_write_contents_from_buf(state, buf, len);
                else
                    sec_asn1e_write_contents(state);
                break;
            case duringGroup:
                sec_asn1e_next_in_group(state);
                break;
            case duringSequence:
                sec_asn1e_next_in_sequence(state);
                break;
            case afterContents:
                sec_asn1e_after_contents(state);
                break;
            case afterImplicit:
            case afterInline:
            case afterPointer:
            case afterChoice:
                /*
                 * These states are more documentation than anything.
                 * They just need to force a pop.
                 */
                PORT_Assert(!state->indefinite);
                state->place = afterContents;
                break;
            case notInUse:
            default:
                /* This is not an error, but rather a plain old BUG! */
                PORT_Assert(0);
                cx->status = encodeError;
                break;
        }

        if (cx->status == encodeError)
            break;

        /* It might have changed, so we have to update our local copy.  */
        state = cx->current;

        /* If it is NULL, we have popped all the way to the top.  */
        if (state == NULL) {
            cx->status = allDone;
            break;
        }
    }

    if (cx->status == encodeError) {
        return SECFailure;
    }

    return SECSuccess;
}

void
SEC_ASN1EncoderFinish(SEC_ASN1EncoderContext *cx)
{
    /*
     * XXX anything else that needs to be finished?
     */

    PORT_FreeArena(cx->our_pool, PR_FALSE);
}

SEC_ASN1EncoderContext *
SEC_ASN1EncoderStart(const void *src, const SEC_ASN1Template *theTemplate,
                     SEC_ASN1WriteProc output_proc, void *output_arg)
{
    PLArenaPool *our_pool;
    SEC_ASN1EncoderContext *cx;

    our_pool = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
    if (our_pool == NULL)
        return NULL;

    cx = (SEC_ASN1EncoderContext *)PORT_ArenaZAlloc(our_pool, sizeof(*cx));
    if (cx == NULL) {
        PORT_FreeArena(our_pool, PR_FALSE);
        return NULL;
    }

    cx->our_pool = our_pool;
    cx->output_proc = output_proc;
    cx->output_arg = output_arg;

    cx->status = keepGoing;

    if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL ||
        sec_asn1e_init_state_based_on_template(cx->current) == NULL) {
        /*
         * Trouble initializing (probably due to failed allocations)
         * requires that we just give up.
         */
        PORT_FreeArena(our_pool, PR_FALSE);
        return NULL;
    }

    return cx;
}

/*
 * XXX Do we need a FilterProc, too?
 */

void
SEC_ASN1EncoderSetNotifyProc(SEC_ASN1EncoderContext *cx,
                             SEC_ASN1NotifyProc fn, void *arg)
{
    cx->notify_proc = fn;
    cx->notify_arg = arg;
}

void
SEC_ASN1EncoderClearNotifyProc(SEC_ASN1EncoderContext *cx)
{
    cx->notify_proc = NULL;
    cx->notify_arg = NULL; /* not necessary; just being clean */
}

void
SEC_ASN1EncoderAbort(SEC_ASN1EncoderContext *cx, int error)
{
    PORT_Assert(cx);
    PORT_SetError(error);
    cx->status = encodeError;
}

void
SEC_ASN1EncoderSetStreaming(SEC_ASN1EncoderContext *cx)
{
    /* XXX is there a way to check that we are "between" fields here? */

    cx->streaming = PR_TRUE;
}

void
SEC_ASN1EncoderClearStreaming(SEC_ASN1EncoderContext *cx)
{
    /* XXX is there a way to check that we are "between" fields here? */

    cx->streaming = PR_FALSE;
}

void
SEC_ASN1EncoderSetTakeFromBuf(SEC_ASN1EncoderContext *cx)
{
    /*
     * XXX is there a way to check that we are "between" fields here?  this
     * needs to include a check for being in between groups of items in
     * a SET_OF or SEQUENCE_OF.
     */
    PORT_Assert(cx->streaming);

    cx->from_buf = PR_TRUE;
}

void
SEC_ASN1EncoderClearTakeFromBuf(SEC_ASN1EncoderContext *cx)
{
    /* we should actually be taking from buf *now* */
    PORT_Assert(cx->from_buf);
    if (!cx->from_buf) /* if not, just do nothing */
        return;

    cx->from_buf = PR_FALSE;

    if (cx->status == needBytes) {
        cx->status = keepGoing;
        cx->current->place = afterContents;
    }
}

SECStatus
SEC_ASN1Encode(const void *src, const SEC_ASN1Template *theTemplate,
               SEC_ASN1WriteProc output_proc, void *output_arg)
{
    SEC_ASN1EncoderContext *ecx;
    SECStatus rv;

    ecx = SEC_ASN1EncoderStart(src, theTemplate, output_proc, output_arg);
    if (ecx == NULL)
        return SECFailure;

    rv = SEC_ASN1EncoderUpdate(ecx, NULL, 0);

    SEC_ASN1EncoderFinish(ecx);
    return rv;
}

/*
 * XXX depth and data_kind are unused; is there a PC way to silence warnings?
 * (I mean "politically correct", not anything to do with intel/win platform)
 */
static void
sec_asn1e_encode_item_count(void *arg, const char *buf, unsigned long len,
                            int depth, SEC_ASN1EncodingPart data_kind)
{
    unsigned long *count;

    count = (unsigned long *)arg;
    PORT_Assert(count != NULL);

    *count += len;
}

/* XXX depth and data_kind are unused; is there a PC way to silence warnings? */
static void
sec_asn1e_encode_item_store(void *arg, const char *buf, unsigned long len,
                            int depth, SEC_ASN1EncodingPart data_kind)
{
    SECItem *dest;

    dest = (SECItem *)arg;
    PORT_Assert(dest != NULL);

    if (len > 0) {
        PORT_Memcpy(dest->data + dest->len, buf, len);
        dest->len += len;
    }
}

/*
 * Allocate an entire SECItem, or just the data part of it, to hold
 * "len" bytes of stuff.  Allocate from the given pool, if specified,
 * otherwise just do a vanilla PORT_Alloc.
 *
 * XXX This seems like a reasonable general-purpose function (for SECITEM_)?
 */
static SECItem *
sec_asn1e_allocate_item(PLArenaPool *poolp, SECItem *dest, unsigned long len)
{
    if (poolp != NULL) {
        void *release;

        release = PORT_ArenaMark(poolp);
        if (dest == NULL)
            dest = (SECItem *)PORT_ArenaAlloc(poolp, sizeof(SECItem));
        if (dest != NULL) {
            dest->data = (unsigned char *)PORT_ArenaAlloc(poolp, len);
            if (dest->data == NULL) {
                dest = NULL;
            }
        }
        if (dest == NULL) {
            /* one or both allocations failed; release everything */
            PORT_ArenaRelease(poolp, release);
        } else {
            /* everything okay; unmark the arena */
            PORT_ArenaUnmark(poolp, release);
        }
    } else {
        SECItem *indest;

        indest = dest;
        if (dest == NULL)
            dest = (SECItem *)PORT_Alloc(sizeof(SECItem));
        if (dest != NULL) {
            dest->type = siBuffer;
            dest->data = (unsigned char *)PORT_Alloc(len);
            if (dest->data == NULL) {
                if (indest == NULL)
                    PORT_Free(dest);
                dest = NULL;
            }
        }
    }

    return dest;
}

SECItem *
SEC_ASN1EncodeItem(PLArenaPool *poolp, SECItem *dest, const void *src,
                   const SEC_ASN1Template *theTemplate)
{
    unsigned long encoding_length;
    SECStatus rv;

    PORT_Assert(dest == NULL || dest->data == NULL);

    encoding_length = 0;
    rv = SEC_ASN1Encode(src, theTemplate,
                        sec_asn1e_encode_item_count, &encoding_length);
    if (rv != SECSuccess)
        return NULL;

    dest = sec_asn1e_allocate_item(poolp, dest, encoding_length);
    if (dest == NULL)
        return NULL;

    /* XXX necessary?  This really just checks for a bug in the allocate fn */
    PORT_Assert(dest->data != NULL);
    if (dest->data == NULL)
        return NULL;

    dest->len = 0;
    (void)SEC_ASN1Encode(src, theTemplate, sec_asn1e_encode_item_store, dest);

    PORT_Assert(encoding_length == dest->len);
    return dest;
}

static SECItem *
sec_asn1e_integer(PLArenaPool *poolp, SECItem *dest, unsigned long value,
                  PRBool is_unsigned)
{
    unsigned long copy;
    unsigned char sign;
    int len = 0;

    /*
     * Determine the length of the encoded value (minimum of 1).
     */
    copy = value;
    do {
        len++;
        sign = (unsigned char)(copy & 0x80);
        copy >>= 8;
    } while (copy);

    /*
     * If 'value' is non-negative, and the high bit of the last
     * byte we counted was set, we need to add one to the length so
     * we put a high-order zero byte in the encoding.
     */
    if (sign && (is_unsigned || (long)value >= 0))
        len++;

    /*
     * Allocate the item (if necessary) and the data pointer within.
     */
    dest = sec_asn1e_allocate_item(poolp, dest, len);
    if (dest == NULL)
        return NULL;

    /*
     * Store the value, byte by byte, in the item.
     */
    dest->len = len;
    while (len) {
        dest->data[--len] = (unsigned char)value;
        value >>= 8;
    }
    PORT_Assert(value == 0);

    return dest;
}

SECItem *
SEC_ASN1EncodeInteger(PLArenaPool *poolp, SECItem *dest, long value)
{
    return sec_asn1e_integer(poolp, dest, (unsigned long)value, PR_FALSE);
}

SECItem *
SEC_ASN1EncodeUnsignedInteger(PLArenaPool *poolp,
                              SECItem *dest, unsigned long value)
{
    return sec_asn1e_integer(poolp, dest, value, PR_TRUE);
}