rewrite .traverse in ruby

Author: HoneyryderChuck

lib/openssl/asn1.rb

@@ -537,11 +537,24 @@ def decode_all(data)
       objs
     end
 
+    def traverse(der, &blk)
+      raise LocalJumpError unless blk
+
+      _, remaining = decode0(der, &blk)
+
+      unless remaining.nil? || remaining.empty?
+        total_read = der.size - remaining.size
+        raise ASN1Error, "Type mismatch. Total bytes read: #{total_read} Bytes available: #{remaining.size} Offset: #{total_read}"
+      end
+
+      nil
+    end
+
     def decode(data)
       decode0(data).first
     end
 
-    def decode0(data)
+    def decode0(data, depth = 0, offset = 0, &block)
       data = data.to_der if data.respond_to?(:to_der)
 
       first_byte, length = data.unpack('CC')
@@ -582,8 +595,34 @@ def decode0(data)
         data[no_id_idx + 1..-1]
       end
 
+      if block
+        elems = [
+          depth, offset,
+          # header_length
+          no_id_idx + length_bytes,
+          # length
+          length,
+          is_constructed,
+          tag_class,
+          id
+        ]
+
+        arity = block.arity
+        if arity == 1
+          block.call(elems)
+        else
+          if arity < elems.size
+            elems = elems[0, arity]
+          end
+
+          block.call(*elems)
+        end
+      end
+
+      offset += no_id_idx + length_bytes
+
       if is_constructed
-        decode_cons(tag_class, id, length, value, is_indefinite_length)
+        decode_cons(tag_class, id, length, value, is_indefinite_length, depth, offset, &block)
       else
         if is_indefinite_length
           raise ASN1Error, "invalid length" if PRIMITIVE_TAG_IDS.include?(id)
@@ -592,14 +631,18 @@ def decode0(data)
       end
     end
 
-    def decode_cons(tag_class, id, length, data, is_indefinite_length)
+    def decode_cons(tag_class, id, length, data, is_indefinite_length, depth, offset, &block)
       remaining = data[length..-1]
       data = data[0, length]
 
       objs = []
       has_eoc = false
       until data.empty?
-        obj, data = decode0(data)
+        datalen = data.size
+
+        obj, data = decode0(data, depth + 1, offset, &block)
+
+        offset += datalen - data.size
 
         case obj
         when EndOfContent

test/openssl/test_asn1.rb

@@ -203,6 +203,62 @@ def test_decode_all
     end
   end
 
+  def test_traverse
+    assert_raise(LocalJumpError) {
+      OpenSSL::ASN1.traverse(B(%w{ 00 00 }))
+    }
+    # primitive
+    expected = [[0, 0, 2, 1, false, :UNIVERSAL, 2]]
+    received = []
+    OpenSSL::ASN1.traverse(B((%w{ 02 01 00 }))) do |args|
+      received << args
+    end
+    assert_equal expected, received
+
+    # asn1data
+    expected = [[0, 0, 2, 0, false, :APPLICATION, 1]]
+    received = []
+    OpenSSL::ASN1.traverse(B((%w{ 41 00 }))) do |args|
+       received << args
+    end
+    assert_equal expected, received
+    #constructed
+    expected = [
+      [0, 0, 2, 7, true, :UNIVERSAL, 16],
+      [1, 2, 2, 0, false, :UNIVERSAL, 5],
+      [1, 4, 2, 0, true, :UNIVERSAL, 16],
+      [1, 6, 2, 1, false, :UNIVERSAL, 4]
+    ]
+    received = []
+    OpenSSL::ASN1.traverse(B(%w{ 30 07 05 00 30 00 04 01 00 })) do |args|
+      received << args
+    end
+    assert_equal expected, received
+    # indefinite length
+    expected = [
+      [0, 0, 2, 7, true, :UNIVERSAL, 16],
+      [1, 2, 2, 0, false, :UNIVERSAL, 5],
+      [1, 4, 2, 0, true, :UNIVERSAL, 16],
+      [1, 6, 2, 1, false, :UNIVERSAL, 4]
+    ]
+    received = []
+    OpenSSL::ASN1.traverse(B(%w{ 30 07 05 00 30 00 04 01 00 })) do |args|
+      received << args
+    end
+    # multiple ders
+    # it yields while traversing, and fails if there's more data beyond the first DER
+    expected = [
+      [0, 0, 2, 1, false, :UNIVERSAL, 2]
+    ]
+    received = []
+    assert_raise(OpenSSL::ASN1::ASN1Error) do
+      OpenSSL::ASN1.traverse(B(%w{ 02 01 01 02 01 02 02 01 03 })) do |args|
+        received << args
+      end
+    end
+    assert_equal expected, received
+  end
+
   def test_object_id_register
     oid = "1.2.34.56789"
     pend "OID 1.2.34.56789 is already registered" if OpenSSL::ASN1::ObjectId(oid).sn