[linux.git] / lib / asn1_encoder.c

// SPDX-License-Identifier: GPL-2.0-only
/*
 * Simple encoder primitives for ASN.1 BER/DER/CER
 *
 * Copyright (C) 2019 [email protected]
 */

#include <linux/asn1_encoder.h>
#include <linux/bug.h>
#include <linux/string.h>
#include <linux/module.h>

/**
 * asn1_encode_integer() - encode positive integer to ASN.1
 * @data:	pointer to the pointer to the data
 * @end_data:	end of data pointer, points one beyond last usable byte in @data
 * @integer:	integer to be encoded
 *
 * This is a simplified encoder: it only currently does
 * positive integers, but it should be simple enough to add the
 * negative case if a use comes along.
 */
unsigned char *
asn1_encode_integer(unsigned char *data, const unsigned char *end_data,
		    s64 integer)
{
	int data_len = end_data - data;
	unsigned char *d = &data[2];
	bool found = false;
	int i;

	if (WARN(integer < 0,
		 "BUG: integer encode only supports positive integers"))
		return ERR_PTR(-EINVAL);

	if (IS_ERR(data))
		return data;

	/* need at least 3 bytes for tag, length and integer encoding */
	if (data_len < 3)
		return ERR_PTR(-EINVAL);

	/* remaining length where at d (the start of the integer encoding) */
	data_len -= 2;

	data[0] = _tag(UNIV, PRIM, INT);
	if (integer == 0) {
		*d++ = 0;
		goto out;
	}

	for (i = sizeof(integer); i > 0 ; i--) {
		int byte = integer >> (8 * (i - 1));

		if (!found && byte == 0)
			continue;

		/*
		 * for a positive number the first byte must have bit
		 * 7 clear in two's complement (otherwise it's a
		 * negative number) so prepend a leading zero if
		 * that's not the case
		 */
		if (!found && (byte & 0x80)) {
			/*
			 * no check needed here, we already know we
			 * have len >= 1
			 */
			*d++ = 0;
			data_len--;
		}

		found = true;
		if (data_len == 0)
			return ERR_PTR(-EINVAL);

		*d++ = byte;
		data_len--;
	}

 out:
	data[1] = d - data - 2;

	return d;
}
EXPORT_SYMBOL_GPL(asn1_encode_integer);

/* calculate the base 128 digit values setting the top bit of the first octet */
static int asn1_encode_oid_digit(unsigned char **_data, int *data_len, u32 oid)
{
	unsigned char *data = *_data;
	int start = 7 + 7 + 7 + 7;
	int ret = 0;

	if (*data_len < 1)
		return -EINVAL;

	/* quick case */
	if (oid == 0) {
		*data++ = 0x80;
		(*data_len)--;
		goto out;
	}

	while (oid >> start == 0)
		start -= 7;

	while (start > 0 && *data_len > 0) {
		u8 byte;

		byte = oid >> start;
		oid = oid - (byte << start);
		start -= 7;
		byte |= 0x80;
		*data++ = byte;
		(*data_len)--;
	}

	if (*data_len > 0) {
		*data++ = oid;
		(*data_len)--;
	} else {
		ret = -EINVAL;
	}

 out:
	*_data = data;
	return ret;
}

/**
 * asn1_encode_oid() - encode an oid to ASN.1
 * @data:	position to begin encoding at
 * @end_data:	end of data pointer, points one beyond last usable byte in @data
 * @oid:	array of oids
 * @oid_len:	length of oid array
 *
 * this encodes an OID up to ASN.1 when presented as an array of OID values
 */
unsigned char *
asn1_encode_oid(unsigned char *data, const unsigned char *end_data,
		u32 oid[], int oid_len)
{
	int data_len = end_data - data;
	unsigned char *d = data + 2;
	int i, ret;

	if (WARN(oid_len < 2, "OID must have at least two elements"))
		return ERR_PTR(-EINVAL);

	if (WARN(oid_len > 32, "OID is too large"))
		return ERR_PTR(-EINVAL);

	if (IS_ERR(data))
		return data;


	/* need at least 3 bytes for tag, length and OID encoding */
	if (data_len < 3)
		return ERR_PTR(-EINVAL);

	data[0] = _tag(UNIV, PRIM, OID);
	*d++ = oid[0] * 40 + oid[1];

	data_len -= 3;

	ret = 0;

	for (i = 2; i < oid_len; i++) {
		ret = asn1_encode_oid_digit(&d, &data_len, oid[i]);
		if (ret < 0)
			return ERR_PTR(ret);
	}

	data[1] = d - data - 2;

	return d;
}
EXPORT_SYMBOL_GPL(asn1_encode_oid);

/**
 * asn1_encode_length() - encode a length to follow an ASN.1 tag
 * @data: pointer to encode at
 * @data_len: pointer to remaining length (adjusted by routine)
 * @len: length to encode
 *
 * This routine can encode lengths up to 65535 using the ASN.1 rules.
 * It will accept a negative length and place a zero length tag
 * instead (to keep the ASN.1 valid).  This convention allows other
 * encoder primitives to accept negative lengths as singalling the
 * sequence will be re-encoded when the length is known.
 */
static int asn1_encode_length(unsigned char **data, int *data_len, int len)
{
	if (*data_len < 1)
		return -EINVAL;

	if (len < 0) {
		*((*data)++) = 0;
		(*data_len)--;
		return 0;
	}

	if (len <= 0x7f) {
		*((*data)++) = len;
		(*data_len)--;
		return 0;
	}

	if (*data_len < 2)
		return -EINVAL;

	if (len <= 0xff) {
		*((*data)++) = 0x81;
		*((*data)++) = len & 0xff;
		*data_len -= 2;
		return 0;
	}

	if (*data_len < 3)
		return -EINVAL;

	if (len <= 0xffff) {
		*((*data)++) = 0x82;
		*((*data)++) = (len >> 8) & 0xff;
		*((*data)++) = len & 0xff;
		*data_len -= 3;
		return 0;
	}

	if (WARN(len > 0xffffff, "ASN.1 length can't be > 0xffffff"))
		return -EINVAL;

	if (*data_len < 4)
		return -EINVAL;
	*((*data)++) = 0x83;
	*((*data)++) = (len >> 16) & 0xff;
	*((*data)++) = (len >> 8) & 0xff;
	*((*data)++) = len & 0xff;
	*data_len -= 4;

	return 0;
}

/**
 * asn1_encode_tag() - add a tag for optional or explicit value
 * @data:	pointer to place tag at
 * @end_data:	end of data pointer, points one beyond last usable byte in @data
 * @tag:	tag to be placed
 * @string:	the data to be tagged
 * @len:	the length of the data to be tagged
 *
 * Note this currently only handles short form tags < 31.
 *
 * Standard usage is to pass in a @tag, @string and @length and the
 * @string will be ASN.1 encoded with @tag and placed into @data.  If
 * the encoding would put data past @end_data then an error is
 * returned, otherwise a pointer to a position one beyond the encoding
 * is returned.
 *
 * To encode in place pass a NULL @string and -1 for @len and the
 * maximum allowable beginning and end of the data; all this will do
 * is add the current maximum length and update the data pointer to
 * the place where the tag contents should be placed is returned.  The
 * data should be copied in by the calling routine which should then
 * repeat the prior statement but now with the known length.  In order
 * to avoid having to keep both before and after pointers, the repeat
 * expects to be called with @data pointing to where the first encode
 * returned it and still NULL for @string but the real length in @len.
 */
unsigned char *
asn1_encode_tag(unsigned char *data, const unsigned char *end_data,
		u32 tag, const unsigned char *string, int len)
{
	int data_len = end_data - data;
	int ret;

	if (WARN(tag > 30, "ASN.1 tag can't be > 30"))
		return ERR_PTR(-EINVAL);

	if (!string && WARN(len > 127,
			    "BUG: recode tag is too big (>127)"))
		return ERR_PTR(-EINVAL);

	if (IS_ERR(data))
		return data;

	if (!string && len > 0) {
		/*
		 * we're recoding, so move back to the start of the
		 * tag and install a dummy length because the real
		 * data_len should be NULL
		 */
		data -= 2;
		data_len = 2;
	}

	if (data_len < 2)
		return ERR_PTR(-EINVAL);

	*(data++) = _tagn(CONT, CONS, tag);
	data_len--;
	ret = asn1_encode_length(&data, &data_len, len);
	if (ret < 0)
		return ERR_PTR(ret);

	if (!string)
		return data;

	if (data_len < len)
		return ERR_PTR(-EINVAL);

	memcpy(data, string, len);
	data += len;

	return data;
}
EXPORT_SYMBOL_GPL(asn1_encode_tag);

/**
 * asn1_encode_octet_string() - encode an ASN.1 OCTET STRING
 * @data:	pointer to encode at
 * @end_data:	end of data pointer, points one beyond last usable byte in @data
 * @string:	string to be encoded
 * @len:	length of string
 *
 * Note ASN.1 octet strings may contain zeros, so the length is obligatory.
 */
unsigned char *
asn1_encode_octet_string(unsigned char *data,
			 const unsigned char *end_data,
			 const unsigned char *string, u32 len)
{
	int data_len = end_data - data;
	int ret;

	if (IS_ERR(data))
		return data;

	/* need minimum of 2 bytes for tag and length of zero length string */
	if (data_len < 2)
		return ERR_PTR(-EINVAL);

	*(data++) = _tag(UNIV, PRIM, OTS);
	data_len--;

	ret = asn1_encode_length(&data, &data_len, len);
	if (ret)
		return ERR_PTR(ret);

	if (data_len < len)
		return ERR_PTR(-EINVAL);

	memcpy(data, string, len);
	data += len;

	return data;
}
EXPORT_SYMBOL_GPL(asn1_encode_octet_string);

/**
 * asn1_encode_sequence() - wrap a byte stream in an ASN.1 SEQUENCE
 * @data:	pointer to encode at
 * @end_data:	end of data pointer, points one beyond last usable byte in @data
 * @seq:	data to be encoded as a sequence
 * @len:	length of the data to be encoded as a sequence
 *
 * Fill in a sequence.  To encode in place, pass NULL for @seq and -1
 * for @len; then call again once the length is known (still with NULL
 * for @seq). In order to avoid having to keep both before and after
 * pointers, the repeat expects to be called with @data pointing to
 * where the first encode placed it.
 */
unsigned char *
asn1_encode_sequence(unsigned char *data, const unsigned char *end_data,
		     const unsigned char *seq, int len)
{
	int data_len = end_data - data;
	int ret;

	if (!seq && WARN(len > 127,
			 "BUG: recode sequence is too big (>127)"))
		return ERR_PTR(-EINVAL);

	if (IS_ERR(data))
		return data;

	if (!seq && len >= 0) {
		/*
		 * we're recoding, so move back to the start of the
		 * sequence and install a dummy length because the
		 * real length should be NULL
		 */
		data -= 2;
		data_len = 2;
	}

	if (data_len < 2)
		return ERR_PTR(-EINVAL);

	*(data++) = _tag(UNIV, CONS, SEQ);
	data_len--;

	ret = asn1_encode_length(&data, &data_len, len);
	if (ret)
		return ERR_PTR(ret);

	if (!seq)
		return data;

	if (data_len < len)
		return ERR_PTR(-EINVAL);

	memcpy(data, seq, len);
	data += len;

	return data;
}
EXPORT_SYMBOL_GPL(asn1_encode_sequence);

/**
 * asn1_encode_boolean() - encode a boolean value to ASN.1
 * @data:	pointer to encode at
 * @end_data:	end of data pointer, points one beyond last usable byte in @data
 * @val:	the boolean true/false value
 */
unsigned char *
asn1_encode_boolean(unsigned char *data, const unsigned char *end_data,
		    bool val)
{
	int data_len = end_data - data;

	if (IS_ERR(data))
		return data;

	/* booleans are 3 bytes: tag, length == 1 and value == 0 or 1 */
	if (data_len < 3)
		return ERR_PTR(-EINVAL);

	*(data++) = _tag(UNIV, PRIM, BOOL);
	data_len--;

	asn1_encode_length(&data, &data_len, 1);

	if (val)
		*(data++) = 1;
	else
		*(data++) = 0;

	return data;
}
EXPORT_SYMBOL_GPL(asn1_encode_boolean);

MODULE_LICENSE("GPL");
Commit	Line	Data
b0706762 JB	1	// SPDX-License-Identifier: GPL-2.0-only
	2	/*
	3	* Simple encoder primitives for ASN.1 BER/DER/CER
	4	*
	5	* Copyright (C) 2019 [email protected]
	6	*/
	7
	8	#include <linux/asn1_encoder.h>
	9	#include <linux/bug.h>
	10	#include <linux/string.h>
	11	#include <linux/module.h>
	12
	13	/**
	14	* asn1_encode_integer() - encode positive integer to ASN.1
	15	* @data: pointer to the pointer to the data
	16	* @end_data: end of data pointer, points one beyond last usable byte in @data
	17	* @integer: integer to be encoded
	18	*
	19	* This is a simplified encoder: it only currently does
	20	* positive integers, but it should be simple enough to add the
	21	* negative case if a use comes along.
	22	*/
	23	unsigned char *
	24	asn1_encode_integer(unsigned char data, const unsigned char end_data,
	25	s64 integer)
	26	{
	27	int data_len = end_data - data;
	28	unsigned char *d = &data[2];
	29	bool found = false;
	30	int i;
	31
	32	if (WARN(integer < 0,
	33	"BUG: integer encode only supports positive integers"))
	34	return ERR_PTR(-EINVAL);
	35
	36	if (IS_ERR(data))
	37	return data;
	38
	39	/* need at least 3 bytes for tag, length and integer encoding */
	40	if (data_len < 3)
	41	return ERR_PTR(-EINVAL);
	42
	43	/* remaining length where at d (the start of the integer encoding) */
	44	data_len -= 2;
	45
	46	data[0] = _tag(UNIV, PRIM, INT);
	47	if (integer == 0) {
	48	*d++ = 0;
	49	goto out;
	50	}
	51
	52	for (i = sizeof(integer); i > 0 ; i--) {
	53	int byte = integer >> (8 * (i - 1));
	54
	55	if (!found && byte == 0)
	56	continue;
	57
	58	/*
	59	* for a positive number the first byte must have bit
	60	* 7 clear in two's complement (otherwise it's a
	61	* negative number) so prepend a leading zero if
	62	* that's not the case
	63	*/
	64	if (!found && (byte & 0x80)) {
65	/*
66	* no check needed here, we already know we
67	* have len >= 1
68	*/
69	*d++ = 0;
70	data_len--;
71	}
72
73	found = true;
74	if (data_len == 0)
75	return ERR_PTR(-EINVAL);
76
77	*d++ = byte;
78	data_len--;
79	}
80
81	out:
82	data[1] = d - data - 2;
83
84	return d;
85	}
86	EXPORT_SYMBOL_GPL(asn1_encode_integer);
87
88	/* calculate the base 128 digit values setting the top bit of the first octet */
89	static int asn1_encode_oid_digit(unsigned char *_data, int data_len, u32 oid)
90	{
91	unsigned char data = _data;
92	int start = 7 + 7 + 7 + 7;
93	int ret = 0;
94
95	if (*data_len < 1)
96	return -EINVAL;
97
98	/* quick case */
99	if (oid == 0) {
100	*data++ = 0x80;
101	(*data_len)--;
102	goto out;
103	}
104
105	while (oid >> start == 0)
106	start -= 7;
107
108	while (start > 0 && *data_len > 0) {
109	u8 byte;
110
111	byte = oid >> start;
112	oid = oid - (byte << start);
113	start -= 7;
114	byte \|= 0x80;
115	*data++ = byte;
116	(*data_len)--;
117	}
118
119	if (*data_len > 0) {
120	*data++ = oid;
121	(*data_len)--;
122	} else {
123	ret = -EINVAL;
124	}
125
126	out:
127	*_data = data;
128	return ret;
129	}
130
131	/**
132	* asn1_encode_oid() - encode an oid to ASN.1
133	* @data: position to begin encoding at
134	* @end_data: end of data pointer, points one beyond last usable byte in @data
135	* @oid: array of oids
136	* @oid_len: length of oid array
137	*
138	* this encodes an OID up to ASN.1 when presented as an array of OID values
139	*/
140	unsigned char *
141	asn1_encode_oid(unsigned char data, const unsigned char end_data,
142	u32 oid[], int oid_len)
143	{
144	int data_len = end_data - data;
145	unsigned char *d = data + 2;
146	int i, ret;
147
148	if (WARN(oid_len < 2, "OID must have at least two elements"))
149	return ERR_PTR(-EINVAL);
150
151	if (WARN(oid_len > 32, "OID is too large"))
152	return ERR_PTR(-EINVAL);
153
154	if (IS_ERR(data))
155	return data;
156
157
158	/* need at least 3 bytes for tag, length and OID encoding */
159	if (data_len < 3)
160	return ERR_PTR(-EINVAL);
161
162	data[0] = _tag(UNIV, PRIM, OID);
163	d++ = oid[0] 40 + oid[1];
164
165	data_len -= 3;
166
167	ret = 0;
168
169	for (i = 2; i < oid_len; i++) {
170	ret = asn1_encode_oid_digit(&d, &data_len, oid[i]);
171	if (ret < 0)
172	return ERR_PTR(ret);
173	}
174
175	data[1] = d - data - 2;
176
177	return d;
178	}
179	EXPORT_SYMBOL_GPL(asn1_encode_oid);
180
181	/**
182	* asn1_encode_length() - encode a length to follow an ASN.1 tag
183	* @data: pointer to encode at
9dbbc3b9	184	* @data_len: pointer to remaining length (adjusted by routine)
b0706762 JB	185	* @len: length to encode
	186	*
	187	* This routine can encode lengths up to 65535 using the ASN.1 rules.
	188	* It will accept a negative length and place a zero length tag
	189	* instead (to keep the ASN.1 valid). This convention allows other
	190	* encoder primitives to accept negative lengths as singalling the
	191	* sequence will be re-encoded when the length is known.
	192	*/
	193	static int asn1_encode_length(unsigned char *data, int data_len, int len)
	194	{
	195	if (*data_len < 1)
	196	return -EINVAL;
	197
	198	if (len < 0) {
	199	((data)++) = 0;
	200	(*data_len)--;
	201	return 0;
	202	}
	203
	204	if (len <= 0x7f) {
	205	((data)++) = len;
	206	(*data_len)--;
	207	return 0;
	208	}
	209
	210	if (*data_len < 2)
	211	return -EINVAL;
	212
	213	if (len <= 0xff) {
	214	((data)++) = 0x81;
	215	((data)++) = len & 0xff;
	216	*data_len -= 2;
	217	return 0;
	218	}
	219
	220	if (*data_len < 3)
	221	return -EINVAL;
	222
	223	if (len <= 0xffff) {
	224	((data)++) = 0x82;
	225	((data)++) = (len >> 8) & 0xff;
	226	((data)++) = len & 0xff;
	227	*data_len -= 3;
	228	return 0;
	229	}
	230
	231	if (WARN(len > 0xffffff, "ASN.1 length can't be > 0xffffff"))
	232	return -EINVAL;
	233
	234	if (*data_len < 4)
	235	return -EINVAL;
	236	((data)++) = 0x83;
	237	((data)++) = (len >> 16) & 0xff;
	238	((data)++) = (len >> 8) & 0xff;
	239	((data)++) = len & 0xff;
	240	*data_len -= 4;
	241
	242	return 0;
	243	}
	244
	245	/**
	246	* asn1_encode_tag() - add a tag for optional or explicit value
	247	* @data: pointer to place tag at
	248	* @end_data: end of data pointer, points one beyond last usable byte in @data
249	* @tag: tag to be placed
250	* @string: the data to be tagged
251	* @len: the length of the data to be tagged
252	*
253	* Note this currently only handles short form tags < 31.
254	*
255	* Standard usage is to pass in a @tag, @string and @length and the
256	* @string will be ASN.1 encoded with @tag and placed into @data. If
257	* the encoding would put data past @end_data then an error is
258	* returned, otherwise a pointer to a position one beyond the encoding
259	* is returned.
260	*
261	* To encode in place pass a NULL @string and -1 for @len and the
262	* maximum allowable beginning and end of the data; all this will do
263	* is add the current maximum length and update the data pointer to
264	* the place where the tag contents should be placed is returned. The
265	* data should be copied in by the calling routine which should then
266	* repeat the prior statement but now with the known length. In order
267	* to avoid having to keep both before and after pointers, the repeat
268	* expects to be called with @data pointing to where the first encode
269	* returned it and still NULL for @string but the real length in @len.
270	*/
271	unsigned char *
272	asn1_encode_tag(unsigned char data, const unsigned char end_data,
273	u32 tag, const unsigned char *string, int len)
274	{
275	int data_len = end_data - data;
276	int ret;
277
278	if (WARN(tag > 30, "ASN.1 tag can't be > 30"))
279	return ERR_PTR(-EINVAL);
280
281	if (!string && WARN(len > 127,
282	"BUG: recode tag is too big (>127)"))
283	return ERR_PTR(-EINVAL);
284
285	if (IS_ERR(data))
286	return data;
287
288	if (!string && len > 0) {
289	/*
290	* we're recoding, so move back to the start of the
291	* tag and install a dummy length because the real
292	* data_len should be NULL
293	*/
294	data -= 2;
295	data_len = 2;
296	}
297
298	if (data_len < 2)
299	return ERR_PTR(-EINVAL);
300
301	*(data++) = _tagn(CONT, CONS, tag);
302	data_len--;
303	ret = asn1_encode_length(&data, &data_len, len);
304	if (ret < 0)
305	return ERR_PTR(ret);
306
307	if (!string)
308	return data;
309
310	if (data_len < len)
311	return ERR_PTR(-EINVAL);
312
313	memcpy(data, string, len);
314	data += len;
315
316	return data;
317	}
318	EXPORT_SYMBOL_GPL(asn1_encode_tag);
319
320	/**
321	* asn1_encode_octet_string() - encode an ASN.1 OCTET STRING
322	* @data: pointer to encode at
323	* @end_data: end of data pointer, points one beyond last usable byte in @data
324	* @string: string to be encoded
325	* @len: length of string
326	*
327	* Note ASN.1 octet strings may contain zeros, so the length is obligatory.
328	*/
329	unsigned char *
330	asn1_encode_octet_string(unsigned char *data,
331	const unsigned char *end_data,
332	const unsigned char *string, u32 len)
333	{
334	int data_len = end_data - data;
335	int ret;
336
337	if (IS_ERR(data))
338	return data;
339
340	/* need minimum of 2 bytes for tag and length of zero length string */
341	if (data_len < 2)
342	return ERR_PTR(-EINVAL);
343
344	*(data++) = _tag(UNIV, PRIM, OTS);
345	data_len--;
346
347	ret = asn1_encode_length(&data, &data_len, len);
348	if (ret)
349	return ERR_PTR(ret);
350
351	if (data_len < len)
352	return ERR_PTR(-EINVAL);
353
354	memcpy(data, string, len);
355	data += len;
356
357	return data;
358	}
359	EXPORT_SYMBOL_GPL(asn1_encode_octet_string);
360
361	/**
362	* asn1_encode_sequence() - wrap a byte stream in an ASN.1 SEQUENCE
363	* @data: pointer to encode at
364	* @end_data: end of data pointer, points one beyond last usable byte in @data
365	* @seq: data to be encoded as a sequence
366	* @len: length of the data to be encoded as a sequence
367	*
368	* Fill in a sequence. To encode in place, pass NULL for @seq and -1
369	* for @len; then call again once the length is known (still with NULL
370	* for @seq). In order to avoid having to keep both before and after
371	* pointers, the repeat expects to be called with @data pointing to
372	* where the first encode placed it.
373	*/
374	unsigned char *
375	asn1_encode_sequence(unsigned char data, const unsigned char end_data,
376	const unsigned char *seq, int len)
377	{
378	int data_len = end_data - data;
379	int ret;
380
381	if (!seq && WARN(len > 127,
382	"BUG: recode sequence is too big (>127)"))
383	return ERR_PTR(-EINVAL);
384
385	if (IS_ERR(data))
386	return data;
387
388	if (!seq && len >= 0) {
389	/*
390	* we're recoding, so move back to the start of the
391	* sequence and install a dummy length because the
392	* real length should be NULL
393	*/
394	data -= 2;
395	data_len = 2;
396	}
397
398	if (data_len < 2)
399	return ERR_PTR(-EINVAL);
400
401	*(data++) = _tag(UNIV, CONS, SEQ);
402	data_len--;
403
404	ret = asn1_encode_length(&data, &data_len, len);
405	if (ret)
406	return ERR_PTR(ret);
407
408	if (!seq)
409	return data;
410
411	if (data_len < len)
412	return ERR_PTR(-EINVAL);
413
414	memcpy(data, seq, len);
415	data += len;
416
417	return data;
418	}
419	EXPORT_SYMBOL_GPL(asn1_encode_sequence);
420
421	/**
422	* asn1_encode_boolean() - encode a boolean value to ASN.1
423	* @data: pointer to encode at
424	* @end_data: end of data pointer, points one beyond last usable byte in @data
425	* @val: the boolean true/false value
426	*/
427	unsigned char *
428	asn1_encode_boolean(unsigned char data, const unsigned char end_data,
429	bool val)
430	{
431	int data_len = end_data - data;
432
433	if (IS_ERR(data))
434	return data;
435
436	/* booleans are 3 bytes: tag, length == 1 and value == 0 or 1 */
437	if (data_len < 3)
438	return ERR_PTR(-EINVAL);
439
440	*(data++) = _tag(UNIV, PRIM, BOOL);
441	data_len--;
442
443	asn1_encode_length(&data, &data_len, 1);
444
445	if (val)
446	*(data++) = 1;
447	else
448	*(data++) = 0;
449
450	return data;
451	}
452	EXPORT_SYMBOL_GPL(asn1_encode_boolean);
453
454	MODULE_LICENSE("GPL");