1 /* $OpenBSD: a_string.c,v 1.11 2022/05/20 08:04:21 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <limits.h> 60 #include <stdlib.h> 61 #include <string.h> 62 63 #include <openssl/asn1.h> 64 #include <openssl/err.h> 65 66 #include "asn1_locl.h" 67 68 ASN1_STRING * 69 ASN1_STRING_new(void) 70 { 71 return ASN1_STRING_type_new(V_ASN1_OCTET_STRING); 72 } 73 74 ASN1_STRING * 75 ASN1_STRING_type_new(int type) 76 { 77 ASN1_STRING *astr; 78 79 if ((astr = calloc(1, sizeof(ASN1_STRING))) == NULL) { 80 ASN1error(ERR_R_MALLOC_FAILURE); 81 return NULL; 82 } 83 astr->type = type; 84 85 return astr; 86 } 87 88 static void 89 ASN1_STRING_clear(ASN1_STRING *astr) 90 { 91 if (!(astr->flags & ASN1_STRING_FLAG_NDEF)) 92 freezero(astr->data, astr->length); 93 94 astr->flags &= ~ASN1_STRING_FLAG_NDEF; 95 astr->data = NULL; 96 astr->length = 0; 97 } 98 99 void 100 ASN1_STRING_free(ASN1_STRING *astr) 101 { 102 if (astr == NULL) 103 return; 104 105 ASN1_STRING_clear(astr); 106 107 free(astr); 108 } 109 110 int 111 ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) 112 { 113 int cmp; 114 115 if (a == NULL || b == NULL) 116 return -1; 117 if ((cmp = (a->length - b->length)) != 0) 118 return cmp; 119 if ((cmp = memcmp(a->data, b->data, a->length)) != 0) 120 return cmp; 121 122 return (a->type - b->type); 123 } 124 125 int 126 ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *src) 127 { 128 if (src == NULL) 129 return 0; 130 131 if (!ASN1_STRING_set(dst, src->data, src->length)) 132 return 0; 133 134 dst->type = src->type; 135 dst->flags = src->flags & ~ASN1_STRING_FLAG_NDEF; 136 137 return 1; 138 } 139 140 ASN1_STRING * 141 ASN1_STRING_dup(const ASN1_STRING *src) 142 { 143 ASN1_STRING *astr; 144 145 if (src == NULL) 146 return NULL; 147 148 if ((astr = ASN1_STRING_new()) == NULL) 149 return NULL; 150 if (!ASN1_STRING_copy(astr, src)) { 151 ASN1_STRING_free(astr); 152 return NULL; 153 } 154 return astr; 155 } 156 157 int 158 ASN1_STRING_set(ASN1_STRING *astr, const void *_data, int len) 159 { 160 const char *data = _data; 161 162 if (len == -1) { 163 size_t slen; 164 165 if (data == NULL) 166 return 0; 167 168 if ((slen = strlen(data)) > INT_MAX) 169 return 0; 170 171 len = (int)slen; 172 } 173 174 ASN1_STRING_clear(astr); 175 176 if (len < 0 || len >= INT_MAX) 177 return 0; 178 179 if ((astr->data = calloc(1, len + 1)) == NULL) { 180 ASN1error(ERR_R_MALLOC_FAILURE); 181 return (0); 182 } 183 astr->length = len; 184 185 if (data != NULL) { 186 memcpy(astr->data, data, len); 187 astr->data[len] = '\0'; 188 } 189 190 return 1; 191 } 192 193 void 194 ASN1_STRING_set0(ASN1_STRING *astr, void *data, int len) 195 { 196 ASN1_STRING_clear(astr); 197 198 astr->data = data; 199 astr->length = len; 200 } 201 202 void 203 asn1_add_error(const unsigned char *address, int offset) 204 { 205 ERR_asprintf_error_data("offset=%d", offset); 206 } 207 208 int 209 ASN1_STRING_length(const ASN1_STRING *astr) 210 { 211 return astr->length; 212 } 213 214 void 215 ASN1_STRING_length_set(ASN1_STRING *astr, int len) 216 { 217 /* This is dangerous and unfixable. */ 218 astr->length = len; 219 } 220 221 int 222 ASN1_STRING_type(const ASN1_STRING *astr) 223 { 224 return astr->type; 225 } 226 227 unsigned char * 228 ASN1_STRING_data(ASN1_STRING *astr) 229 { 230 return astr->data; 231 } 232 233 const unsigned char * 234 ASN1_STRING_get0_data(const ASN1_STRING *astr) 235 { 236 return astr->data; 237 } 238 239 int 240 ASN1_STRING_print(BIO *bp, const ASN1_STRING *astr) 241 { 242 int i, n; 243 char buf[80]; 244 const char *p; 245 246 if (astr == NULL) 247 return 0; 248 249 n = 0; 250 p = (const char *)astr->data; 251 for (i = 0; i < astr->length; i++) { 252 if ((p[i] > '~') || ((p[i] < ' ') && 253 (p[i] != '\n') && (p[i] != '\r'))) 254 buf[n] = '.'; 255 else 256 buf[n] = p[i]; 257 n++; 258 if (n >= 80) { 259 if (BIO_write(bp, buf, n) <= 0) 260 return 0; 261 n = 0; 262 } 263 } 264 if (n > 0) { 265 if (BIO_write(bp, buf, n) <= 0) 266 return 0; 267 } 268 269 return 1; 270 } 271 272 /* 273 * Utility function: convert any string type to UTF8, returns number of bytes 274 * in output string or a negative error code 275 */ 276 int 277 ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in) 278 { 279 ASN1_STRING *astr = NULL; 280 int mbflag; 281 int ret = -1; 282 283 /* 284 * XXX We can't fail on *out != NULL here since things like haproxy and 285 * grpc pass in a pointer to an uninitialized pointer on the stack. 286 */ 287 if (out == NULL) 288 goto err; 289 290 if (in == NULL) 291 goto err; 292 293 if ((mbflag = asn1_tag2charwidth(in->type)) == -1) 294 goto err; 295 296 mbflag |= MBSTRING_FLAG; 297 298 if ((ret = ASN1_mbstring_copy(&astr, in->data, in->length, mbflag, 299 B_ASN1_UTF8STRING)) < 0) 300 goto err; 301 302 *out = astr->data; 303 ret = astr->length; 304 305 astr->data = NULL; 306 astr->length = 0; 307 308 err: 309 ASN1_STRING_free(astr); 310 311 return ret; 312 } 313 314 int 315 i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *astr, int type) 316 { 317 int i, n = 0; 318 static const char h[] = "0123456789ABCDEF"; 319 char buf[2]; 320 321 if (astr == NULL) 322 return 0; 323 324 if (astr->length == 0) { 325 if (BIO_write(bp, "0", 1) != 1) 326 goto err; 327 n = 1; 328 } else { 329 for (i = 0; i < astr->length; i++) { 330 if ((i != 0) && (i % 35 == 0)) { 331 if (BIO_write(bp, "\\\n", 2) != 2) 332 goto err; 333 n += 2; 334 } 335 buf[0] = h[((unsigned char)astr->data[i] >> 4) & 0x0f]; 336 buf[1] = h[((unsigned char)astr->data[i]) & 0x0f]; 337 if (BIO_write(bp, buf, 2) != 2) 338 goto err; 339 n += 2; 340 } 341 } 342 return n; 343 344 err: 345 return -1; 346 } 347 348 int 349 a2i_ASN1_STRING(BIO *bp, ASN1_STRING *astr, char *buf, int size) 350 { 351 int ret = 0; 352 int i, j, k, m, n, again, bufsize; 353 unsigned char *s = NULL, *sp; 354 unsigned char *bufp; 355 int first = 1; 356 size_t num = 0, slen = 0; 357 358 bufsize = BIO_gets(bp, buf, size); 359 for (;;) { 360 if (bufsize < 1) { 361 if (first) 362 break; 363 else 364 goto err_sl; 365 } 366 first = 0; 367 368 i = bufsize; 369 if (buf[i-1] == '\n') 370 buf[--i] = '\0'; 371 if (i == 0) 372 goto err_sl; 373 if (buf[i-1] == '\r') 374 buf[--i] = '\0'; 375 if (i == 0) 376 goto err_sl; 377 if (buf[i - 1] == '\\') { 378 i--; 379 again = 1; 380 } else 381 again = 0; 382 buf[i] = '\0'; 383 if (i < 2) 384 goto err_sl; 385 386 bufp = (unsigned char *)buf; 387 388 k = 0; 389 if (i % 2 != 0) { 390 ASN1error(ASN1_R_ODD_NUMBER_OF_CHARS); 391 goto err; 392 } 393 i /= 2; 394 if (num + i > slen) { 395 sp = realloc(s, num + i); 396 if (sp == NULL) { 397 ASN1error(ERR_R_MALLOC_FAILURE); 398 goto err; 399 } 400 s = sp; 401 slen = num + i; 402 } 403 for (j = 0; j < i; j++, k += 2) { 404 for (n = 0; n < 2; n++) { 405 m = bufp[k + n]; 406 if ((m >= '0') && (m <= '9')) 407 m -= '0'; 408 else if ((m >= 'a') && (m <= 'f')) 409 m = m - 'a' + 10; 410 else if ((m >= 'A') && (m <= 'F')) 411 m = m - 'A' + 10; 412 else { 413 ASN1error(ASN1_R_NON_HEX_CHARACTERS); 414 goto err; 415 } 416 s[num + j] <<= 4; 417 s[num + j] |= m; 418 } 419 } 420 num += i; 421 if (again) 422 bufsize = BIO_gets(bp, buf, size); 423 else 424 break; 425 } 426 astr->length = num; 427 astr->data = s; 428 429 return 1; 430 431 err_sl: 432 ASN1error(ASN1_R_SHORT_LINE); 433 err: 434 free(s); 435 436 return ret; 437 } 438