1 /* $OpenBSD: a_mbstr.c,v 1.27 2023/07/05 21:23:36 beck Exp $ */ 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project 1999. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59 #include <ctype.h> 60 #include <stdio.h> 61 #include <string.h> 62 63 #include <openssl/asn1.h> 64 #include <openssl/err.h> 65 66 #include "asn1_local.h" 67 68 static int traverse_string(const unsigned char *p, int len, int inform, 69 int (*rfunc)(unsigned long value, void *in), void *arg); 70 static int in_utf8(unsigned long value, void *arg); 71 static int out_utf8(unsigned long value, void *arg); 72 static int type_str(unsigned long value, void *arg); 73 static int cpy_asc(unsigned long value, void *arg); 74 static int cpy_bmp(unsigned long value, void *arg); 75 static int cpy_univ(unsigned long value, void *arg); 76 static int cpy_utf8(unsigned long value, void *arg); 77 static int is_printable(unsigned long value); 78 79 /* These functions take a string in UTF8, ASCII or multibyte form and 80 * a mask of permissible ASN1 string types. It then works out the minimal 81 * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) 82 * and creates a string of the correct type with the supplied data. 83 * Yes this is horrible: it has to be :-( 84 * The 'ncopy' form checks minimum and maximum size limits too. 85 */ 86 87 int 88 ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, 89 int inform, unsigned long mask) 90 { 91 return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0); 92 } 93 LCRYPTO_ALIAS(ASN1_mbstring_copy); 94 95 int 96 ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, 97 int inform, unsigned long mask, long minsize, long maxsize) 98 { 99 int str_type; 100 int ret; 101 char free_out; 102 int outform, outlen = 0; 103 ASN1_STRING *dest; 104 unsigned char *p; 105 int nchar; 106 int (*cpyfunc)(unsigned long, void *) = NULL; 107 108 if (len < 0) 109 len = strlen((const char *)in); 110 if (!mask) 111 mask = DIRSTRING_TYPE; 112 113 /* First do a string check and work out the number of characters */ 114 switch (inform) { 115 case MBSTRING_BMP: 116 if (len & 1) { 117 ASN1error(ASN1_R_INVALID_BMPSTRING_LENGTH); 118 return -1; 119 } 120 nchar = len >> 1; 121 break; 122 123 case MBSTRING_UNIV: 124 if (len & 3) { 125 ASN1error(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); 126 return -1; 127 } 128 nchar = len >> 2; 129 break; 130 131 case MBSTRING_UTF8: 132 nchar = 0; 133 /* This counts the characters and does utf8 syntax checking */ 134 ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); 135 if (ret < 0) { 136 ASN1error(ASN1_R_INVALID_UTF8STRING); 137 return -1; 138 } 139 break; 140 141 case MBSTRING_ASC: 142 nchar = len; 143 break; 144 145 default: 146 ASN1error(ASN1_R_UNKNOWN_FORMAT); 147 return -1; 148 } 149 150 if ((minsize > 0) && (nchar < minsize)) { 151 ASN1error(ASN1_R_STRING_TOO_SHORT); 152 ERR_asprintf_error_data("minsize=%ld", minsize); 153 return -1; 154 } 155 156 if ((maxsize > 0) && (nchar > maxsize)) { 157 ASN1error(ASN1_R_STRING_TOO_LONG); 158 ERR_asprintf_error_data("maxsize=%ld", maxsize); 159 return -1; 160 } 161 162 /* Now work out minimal type (if any) */ 163 if (traverse_string(in, len, inform, type_str, &mask) < 0) { 164 ASN1error(ASN1_R_ILLEGAL_CHARACTERS); 165 return -1; 166 } 167 168 169 /* Now work out output format and string type */ 170 outform = MBSTRING_ASC; 171 if (mask & B_ASN1_PRINTABLESTRING) 172 str_type = V_ASN1_PRINTABLESTRING; 173 else if (mask & B_ASN1_IA5STRING) 174 str_type = V_ASN1_IA5STRING; 175 else if (mask & B_ASN1_T61STRING) 176 str_type = V_ASN1_T61STRING; 177 else if (mask & B_ASN1_BMPSTRING) { 178 str_type = V_ASN1_BMPSTRING; 179 outform = MBSTRING_BMP; 180 } else if (mask & B_ASN1_UNIVERSALSTRING) { 181 str_type = V_ASN1_UNIVERSALSTRING; 182 outform = MBSTRING_UNIV; 183 } else { 184 str_type = V_ASN1_UTF8STRING; 185 outform = MBSTRING_UTF8; 186 } 187 if (!out) 188 return str_type; 189 if (*out) { 190 free_out = 0; 191 dest = *out; 192 if (dest->data) { 193 dest->length = 0; 194 free(dest->data); 195 dest->data = NULL; 196 } 197 dest->type = str_type; 198 } else { 199 free_out = 1; 200 dest = ASN1_STRING_type_new(str_type); 201 if (!dest) { 202 ASN1error(ERR_R_MALLOC_FAILURE); 203 return -1; 204 } 205 *out = dest; 206 } 207 /* If both the same type just copy across */ 208 if (inform == outform) { 209 if (!ASN1_STRING_set(dest, in, len)) { 210 ASN1error(ERR_R_MALLOC_FAILURE); 211 goto err; 212 } 213 return str_type; 214 } 215 216 /* Work out how much space the destination will need */ 217 switch (outform) { 218 case MBSTRING_ASC: 219 outlen = nchar; 220 cpyfunc = cpy_asc; 221 break; 222 223 case MBSTRING_BMP: 224 outlen = nchar << 1; 225 cpyfunc = cpy_bmp; 226 break; 227 228 case MBSTRING_UNIV: 229 outlen = nchar << 2; 230 cpyfunc = cpy_univ; 231 break; 232 233 case MBSTRING_UTF8: 234 outlen = 0; 235 if (traverse_string(in, len, inform, out_utf8, &outlen) < 0) { 236 ASN1error(ASN1_R_ILLEGAL_CHARACTERS); 237 goto err; 238 } 239 cpyfunc = cpy_utf8; 240 break; 241 } 242 if (!(p = malloc(outlen + 1))) { 243 ASN1error(ERR_R_MALLOC_FAILURE); 244 goto err; 245 } 246 dest->length = outlen; 247 dest->data = p; 248 p[outlen] = 0; 249 traverse_string(in, len, inform, cpyfunc, &p); 250 return str_type; 251 252 err: 253 if (free_out) { 254 ASN1_STRING_free(dest); 255 *out = NULL; 256 } 257 return -1; 258 } 259 LCRYPTO_ALIAS(ASN1_mbstring_ncopy); 260 261 /* This function traverses a string and passes the value of each character 262 * to an optional function along with a void * argument. 263 */ 264 265 static int 266 traverse_string(const unsigned char *p, int len, int inform, 267 int (*rfunc)(unsigned long value, void *in), void *arg) 268 { 269 unsigned long value; 270 int ret; 271 272 while (len) { 273 switch (inform) { 274 case MBSTRING_ASC: 275 value = *p++; 276 len--; 277 break; 278 case MBSTRING_BMP: 279 value = *p++ << 8; 280 value |= *p++; 281 /* BMP is explicitly defined to not support surrogates */ 282 if (UNICODE_IS_SURROGATE(value)) 283 return -1; 284 len -= 2; 285 break; 286 case MBSTRING_UNIV: 287 value = (unsigned long)*p++ << 24; 288 value |= *p++ << 16; 289 value |= *p++ << 8; 290 value |= *p++; 291 if (value > UNICODE_MAX || UNICODE_IS_SURROGATE(value)) 292 return -1; 293 len -= 4; 294 break; 295 default: 296 ret = UTF8_getc(p, len, &value); 297 if (ret < 0) 298 return -1; 299 len -= ret; 300 p += ret; 301 break; 302 } 303 if (rfunc) { 304 ret = rfunc(value, arg); 305 if (ret <= 0) 306 return ret; 307 } 308 } 309 return 1; 310 } 311 312 /* Various utility functions for traverse_string */ 313 314 /* Just count number of characters */ 315 316 static int 317 in_utf8(unsigned long value, void *arg) 318 { 319 int *nchar; 320 321 nchar = arg; 322 (*nchar)++; 323 return 1; 324 } 325 326 /* Determine size of output as a UTF8 String */ 327 328 static int 329 out_utf8(unsigned long value, void *arg) 330 { 331 int *outlen; 332 int ret; 333 334 outlen = arg; 335 ret = UTF8_putc(NULL, -1, value); 336 if (ret < 0) 337 return ret; 338 *outlen += ret; 339 return 1; 340 } 341 342 /* Determine the "type" of a string: check each character against a 343 * supplied "mask". 344 */ 345 346 static int 347 type_str(unsigned long value, void *arg) 348 { 349 unsigned long types; 350 351 types = *((unsigned long *)arg); 352 if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value)) 353 types &= ~B_ASN1_PRINTABLESTRING; 354 if ((types & B_ASN1_IA5STRING) && (value > 127)) 355 types &= ~B_ASN1_IA5STRING; 356 if ((types & B_ASN1_T61STRING) && (value > 0xff)) 357 types &= ~B_ASN1_T61STRING; 358 if ((types & B_ASN1_BMPSTRING) && (value > 0xffff)) 359 types &= ~B_ASN1_BMPSTRING; 360 if (!types) 361 return -1; 362 *((unsigned long *)arg) = types; 363 return 1; 364 } 365 366 /* Copy one byte per character ASCII like strings */ 367 368 static int 369 cpy_asc(unsigned long value, void *arg) 370 { 371 unsigned char **p, *q; 372 373 p = arg; 374 q = *p; 375 *q = value; 376 (*p)++; 377 return 1; 378 } 379 380 /* Copy two byte per character BMPStrings */ 381 382 static int 383 cpy_bmp(unsigned long value, void *arg) 384 { 385 unsigned char **p, *q; 386 387 p = arg; 388 q = *p; 389 *q++ = (value >> 8) & 0xff; 390 *q = value & 0xff; 391 *p += 2; 392 return 1; 393 } 394 395 /* Copy four byte per character UniversalStrings */ 396 397 static int 398 cpy_univ(unsigned long value, void *arg) 399 { 400 unsigned char **p, *q; 401 402 p = arg; 403 q = *p; 404 *q++ = (value >> 24) & 0xff; 405 *q++ = (value >> 16) & 0xff; 406 *q++ = (value >> 8) & 0xff; 407 *q = value & 0xff; 408 *p += 4; 409 return 1; 410 } 411 412 /* Copy to a UTF8String */ 413 414 static int 415 cpy_utf8(unsigned long value, void *arg) 416 { 417 unsigned char **p; 418 419 int ret; 420 p = arg; 421 /* We already know there is enough room so pass 0xff as the length */ 422 ret = UTF8_putc(*p, 0xff, value); 423 *p += ret; 424 return 1; 425 } 426 427 /* Return 1 if the character is permitted in a PrintableString */ 428 static int 429 is_printable(unsigned long value) 430 { 431 int ch; 432 433 if (value > 0x7f) 434 return 0; 435 ch = (int)value; 436 437 /* Note: we can't use 'isalnum' because certain accented 438 * characters may count as alphanumeric in some environments. 439 */ 440 if ((ch >= 'a') && (ch <= 'z')) 441 return 1; 442 if ((ch >= 'A') && (ch <= 'Z')) 443 return 1; 444 if ((ch >= '0') && (ch <= '9')) 445 return 1; 446 if ((ch == ' ') || strchr("'()+,-./:=?", ch)) 447 return 1; 448 return 0; 449 } 450