1 /* $OpenBSD: a_string.c,v 1.11 2022/05/20 08:04:21 tb Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #include <limits.h>
60 #include <stdlib.h>
61 #include <string.h>
62 
63 #include <openssl/asn1.h>
64 #include <openssl/err.h>
65 
66 #include "asn1_locl.h"
67 
68 ASN1_STRING *
69 ASN1_STRING_new(void)
70 {
71 	return ASN1_STRING_type_new(V_ASN1_OCTET_STRING);
72 }
73 
74 ASN1_STRING *
75 ASN1_STRING_type_new(int type)
76 {
77 	ASN1_STRING *astr;
78 
79 	if ((astr = calloc(1, sizeof(ASN1_STRING))) == NULL) {
80 		ASN1error(ERR_R_MALLOC_FAILURE);
81 		return NULL;
82 	}
83 	astr->type = type;
84 
85 	return astr;
86 }
87 
88 static void
89 ASN1_STRING_clear(ASN1_STRING *astr)
90 {
91 	if (!(astr->flags & ASN1_STRING_FLAG_NDEF))
92 		freezero(astr->data, astr->length);
93 
94 	astr->flags &= ~ASN1_STRING_FLAG_NDEF;
95 	astr->data = NULL;
96 	astr->length = 0;
97 }
98 
99 void
100 ASN1_STRING_free(ASN1_STRING *astr)
101 {
102 	if (astr == NULL)
103 		return;
104 
105 	ASN1_STRING_clear(astr);
106 
107 	free(astr);
108 }
109 
110 int
111 ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
112 {
113 	int cmp;
114 
115 	if (a == NULL || b == NULL)
116 		return -1;
117 	if ((cmp = (a->length - b->length)) != 0)
118 		return cmp;
119 	if ((cmp = memcmp(a->data, b->data, a->length)) != 0)
120 		return cmp;
121 
122 	return (a->type - b->type);
123 }
124 
125 int
126 ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *src)
127 {
128 	if (src == NULL)
129 		return 0;
130 
131 	if (!ASN1_STRING_set(dst, src->data, src->length))
132 		return 0;
133 
134 	dst->type = src->type;
135 	dst->flags = src->flags & ~ASN1_STRING_FLAG_NDEF;
136 
137 	return 1;
138 }
139 
140 ASN1_STRING *
141 ASN1_STRING_dup(const ASN1_STRING *src)
142 {
143 	ASN1_STRING *astr;
144 
145 	if (src == NULL)
146 		return NULL;
147 
148 	if ((astr = ASN1_STRING_new()) == NULL)
149 		return NULL;
150 	if (!ASN1_STRING_copy(astr, src)) {
151 		ASN1_STRING_free(astr);
152 		return NULL;
153 	}
154 	return astr;
155 }
156 
157 int
158 ASN1_STRING_set(ASN1_STRING *astr, const void *_data, int len)
159 {
160 	const char *data = _data;
161 
162 	if (len == -1) {
163 		size_t slen;
164 
165 		if (data == NULL)
166 			return 0;
167 
168 		if ((slen = strlen(data)) > INT_MAX)
169 			return 0;
170 
171 		len = (int)slen;
172 	}
173 
174 	ASN1_STRING_clear(astr);
175 
176 	if (len < 0 || len >= INT_MAX)
177 		return 0;
178 
179 	if ((astr->data = calloc(1, len + 1)) == NULL) {
180 		ASN1error(ERR_R_MALLOC_FAILURE);
181 		return (0);
182 	}
183 	astr->length = len;
184 
185 	if (data != NULL) {
186 		memcpy(astr->data, data, len);
187 		astr->data[len] = '\0';
188 	}
189 
190 	return 1;
191 }
192 
193 void
194 ASN1_STRING_set0(ASN1_STRING *astr, void *data, int len)
195 {
196 	ASN1_STRING_clear(astr);
197 
198 	astr->data = data;
199 	astr->length = len;
200 }
201 
202 void
203 asn1_add_error(const unsigned char *address, int offset)
204 {
205 	ERR_asprintf_error_data("offset=%d", offset);
206 }
207 
208 int
209 ASN1_STRING_length(const ASN1_STRING *astr)
210 {
211 	return astr->length;
212 }
213 
214 void
215 ASN1_STRING_length_set(ASN1_STRING *astr, int len)
216 {
217 	/* This is dangerous and unfixable. */
218 	astr->length = len;
219 }
220 
221 int
222 ASN1_STRING_type(const ASN1_STRING *astr)
223 {
224 	return astr->type;
225 }
226 
227 unsigned char *
228 ASN1_STRING_data(ASN1_STRING *astr)
229 {
230 	return astr->data;
231 }
232 
233 const unsigned char *
234 ASN1_STRING_get0_data(const ASN1_STRING *astr)
235 {
236 	return astr->data;
237 }
238 
239 int
240 ASN1_STRING_print(BIO *bp, const ASN1_STRING *astr)
241 {
242 	int i, n;
243 	char buf[80];
244 	const char *p;
245 
246 	if (astr == NULL)
247 		return 0;
248 
249 	n = 0;
250 	p = (const char *)astr->data;
251 	for (i = 0; i < astr->length; i++) {
252 		if ((p[i] > '~') || ((p[i] < ' ') &&
253 		    (p[i] != '\n') && (p[i] != '\r')))
254 			buf[n] = '.';
255 		else
256 			buf[n] = p[i];
257 		n++;
258 		if (n >= 80) {
259 			if (BIO_write(bp, buf, n) <= 0)
260 				return 0;
261 			n = 0;
262 		}
263 	}
264 	if (n > 0) {
265 		if (BIO_write(bp, buf, n) <= 0)
266 			return 0;
267 	}
268 
269 	return 1;
270 }
271 
272 /*
273  * Utility function: convert any string type to UTF8, returns number of bytes
274  * in output string or a negative error code
275  */
276 int
277 ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in)
278 {
279 	ASN1_STRING *astr = NULL;
280 	int mbflag;
281 	int ret = -1;
282 
283 	/*
284 	 * XXX We can't fail on *out != NULL here since things like haproxy and
285 	 * grpc pass in a pointer to an uninitialized pointer on the stack.
286 	 */
287 	if (out == NULL)
288 		goto err;
289 
290 	if (in == NULL)
291 		goto err;
292 
293 	if ((mbflag = asn1_tag2charwidth(in->type)) == -1)
294 		goto err;
295 
296 	mbflag |= MBSTRING_FLAG;
297 
298 	if ((ret = ASN1_mbstring_copy(&astr, in->data, in->length, mbflag,
299 	    B_ASN1_UTF8STRING)) < 0)
300 		goto err;
301 
302 	*out = astr->data;
303 	ret = astr->length;
304 
305 	astr->data = NULL;
306 	astr->length = 0;
307 
308  err:
309 	ASN1_STRING_free(astr);
310 
311 	return ret;
312 }
313 
314 int
315 i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *astr, int type)
316 {
317 	int i, n = 0;
318 	static const char h[] = "0123456789ABCDEF";
319 	char buf[2];
320 
321 	if (astr == NULL)
322 		return 0;
323 
324 	if (astr->length == 0) {
325 		if (BIO_write(bp, "0", 1) != 1)
326 			goto err;
327 		n = 1;
328 	} else {
329 		for (i = 0; i < astr->length; i++) {
330 			if ((i != 0) && (i % 35 == 0)) {
331 				if (BIO_write(bp, "\\\n", 2) != 2)
332 					goto err;
333 				n += 2;
334 			}
335 			buf[0] = h[((unsigned char)astr->data[i] >> 4) & 0x0f];
336 			buf[1] = h[((unsigned char)astr->data[i]) & 0x0f];
337 			if (BIO_write(bp, buf, 2) != 2)
338 				goto err;
339 			n += 2;
340 		}
341 	}
342 	return n;
343 
344  err:
345 	return -1;
346 }
347 
348 int
349 a2i_ASN1_STRING(BIO *bp, ASN1_STRING *astr, char *buf, int size)
350 {
351 	int ret = 0;
352 	int i, j, k, m, n, again, bufsize;
353 	unsigned char *s = NULL, *sp;
354 	unsigned char *bufp;
355 	int first = 1;
356 	size_t num = 0, slen = 0;
357 
358 	bufsize = BIO_gets(bp, buf, size);
359 	for (;;) {
360 		if (bufsize < 1) {
361 			if (first)
362 				break;
363 			else
364 				goto err_sl;
365 		}
366 		first = 0;
367 
368 		i = bufsize;
369 		if (buf[i-1] == '\n')
370 			buf[--i] = '\0';
371 		if (i == 0)
372 			goto err_sl;
373 		if (buf[i-1] == '\r')
374 			buf[--i] = '\0';
375 		if (i == 0)
376 			goto err_sl;
377 		if (buf[i - 1] == '\\') {
378 			i--;
379 			again = 1;
380 		} else
381 			again = 0;
382 		buf[i] = '\0';
383 		if (i < 2)
384 			goto err_sl;
385 
386 		bufp = (unsigned char *)buf;
387 
388 		k = 0;
389 		if (i % 2 != 0) {
390 			ASN1error(ASN1_R_ODD_NUMBER_OF_CHARS);
391 			goto err;
392 		}
393 		i /= 2;
394 		if (num + i > slen) {
395 			sp = realloc(s, num + i);
396 			if (sp == NULL) {
397 				ASN1error(ERR_R_MALLOC_FAILURE);
398 				goto err;
399 			}
400 			s = sp;
401 			slen = num + i;
402 		}
403 		for (j = 0; j < i; j++, k += 2) {
404 			for (n = 0; n < 2; n++) {
405 				m = bufp[k + n];
406 				if ((m >= '0') && (m <= '9'))
407 					m -= '0';
408 				else if ((m >= 'a') && (m <= 'f'))
409 					m = m - 'a' + 10;
410 				else if ((m >= 'A') && (m <= 'F'))
411 					m = m - 'A' + 10;
412 				else {
413 					ASN1error(ASN1_R_NON_HEX_CHARACTERS);
414 					goto err;
415 				}
416 				s[num + j] <<= 4;
417 				s[num + j] |= m;
418 			}
419 		}
420 		num += i;
421 		if (again)
422 			bufsize = BIO_gets(bp, buf, size);
423 		else
424 			break;
425 	}
426 	astr->length = num;
427 	astr->data = s;
428 
429 	return 1;
430 
431  err_sl:
432 	ASN1error(ASN1_R_SHORT_LINE);
433  err:
434 	free(s);
435 
436 	return ret;
437 }
438