• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2  * All rights reserved.
3  *
4  * This package is an SSL implementation written
5  * by Eric Young (eay@cryptsoft.com).
6  * The implementation was written so as to conform with Netscapes SSL.
7  *
8  * This library is free for commercial and non-commercial use as long as
9  * the following conditions are aheared to.  The following conditions
10  * apply to all code found in this distribution, be it the RC4, RSA,
11  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
12  * included with this distribution is covered by the same copyright terms
13  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14  *
15  * Copyright remains Eric Young's, and as such any Copyright notices in
16  * the code are not to be removed.
17  * If this package is used in a product, Eric Young should be given attribution
18  * as the author of the parts of the library used.
19  * This can be in the form of a textual message at program startup or
20  * in documentation (online or textual) provided with the package.
21  *
22  * Redistribution and use in source and binary forms, with or without
23  * modification, are permitted provided that the following conditions
24  * are met:
25  * 1. Redistributions of source code must retain the copyright
26  *    notice, this list of conditions and the following disclaimer.
27  * 2. Redistributions in binary form must reproduce the above copyright
28  *    notice, this list of conditions and the following disclaimer in the
29  *    documentation and/or other materials provided with the distribution.
30  * 3. All advertising materials mentioning features or use of this software
31  *    must display the following acknowledgement:
32  *    "This product includes cryptographic software written by
33  *     Eric Young (eay@cryptsoft.com)"
34  *    The word 'cryptographic' can be left out if the rouines from the library
35  *    being used are not cryptographic related :-).
36  * 4. If you include any Windows specific code (or a derivative thereof) from
37  *    the apps directory (application code) you must include an acknowledgement:
38  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39  *
40  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50  * SUCH DAMAGE.
51  *
52  * The licence and distribution terms for any publically available version or
53  * derivative of this code cannot be changed.  i.e. this code cannot simply be
54  * copied and put under another distribution licence
55  * [including the GNU Public Licence.] */
56 
57 #include <openssl/asn1.h>
58 
59 #include <limits.h>
60 #include <string.h>
61 
62 #include <openssl/asn1t.h>
63 #include <openssl/mem.h>
64 
65 #include "../internal.h"
66 
67 
68 static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
69                                  const ASN1_ITEM *it, int tag, int aclass);
70 static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
71                             int skcontlen, const ASN1_ITEM *item,
72                             int do_sort, int iclass);
73 static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
74                                 const ASN1_TEMPLATE *tt, int tag, int aclass);
75 static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
76                                const ASN1_ITEM *it, int flags);
77 
78 /*
79  * Top level i2d equivalents: the 'ndef' variant instructs the encoder to use
80  * indefinite length constructed encoding, where appropriate
81  */
82 
ASN1_item_ndef_i2d(ASN1_VALUE * val,unsigned char ** out,const ASN1_ITEM * it)83 int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
84                        const ASN1_ITEM *it)
85 {
86     return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
87 }
88 
ASN1_item_i2d(ASN1_VALUE * val,unsigned char ** out,const ASN1_ITEM * it)89 int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
90 {
91     return asn1_item_flags_i2d(val, out, it, 0);
92 }
93 
94 /*
95  * Encode an ASN1 item, this is use by the standard 'i2d' function. 'out'
96  * points to a buffer to output the data to. The new i2d has one additional
97  * feature. If the output buffer is NULL (i.e. *out == NULL) then a buffer is
98  * allocated and populated with the encoding.
99  */
100 
asn1_item_flags_i2d(ASN1_VALUE * val,unsigned char ** out,const ASN1_ITEM * it,int flags)101 static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
102                                const ASN1_ITEM *it, int flags)
103 {
104     if (out && !*out) {
105         unsigned char *p, *buf;
106         int len;
107         len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
108         if (len <= 0)
109             return len;
110         buf = OPENSSL_malloc(len);
111         if (!buf)
112             return -1;
113         p = buf;
114         ASN1_item_ex_i2d(&val, &p, it, -1, flags);
115         *out = buf;
116         return len;
117     }
118 
119     return ASN1_item_ex_i2d(&val, out, it, -1, flags);
120 }
121 
122 /*
123  * Encode an item, taking care of IMPLICIT tagging (if any). This function
124  * performs the normal item handling: it can be used in external types.
125  */
126 
ASN1_item_ex_i2d(ASN1_VALUE ** pval,unsigned char ** out,const ASN1_ITEM * it,int tag,int aclass)127 int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
128                      const ASN1_ITEM *it, int tag, int aclass)
129 {
130     const ASN1_TEMPLATE *tt = NULL;
131     unsigned char *p = NULL;
132     int i, seqcontlen, seqlen, ndef = 1;
133     const ASN1_COMPAT_FUNCS *cf;
134     const ASN1_EXTERN_FUNCS *ef;
135     const ASN1_AUX *aux = it->funcs;
136     ASN1_aux_cb *asn1_cb = 0;
137 
138     if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
139         return 0;
140 
141     if (aux && aux->asn1_cb)
142         asn1_cb = aux->asn1_cb;
143 
144     switch (it->itype) {
145 
146     case ASN1_ITYPE_PRIMITIVE:
147         if (it->templates)
148             return asn1_template_ex_i2d(pval, out, it->templates,
149                                         tag, aclass);
150         return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
151         break;
152 
153     case ASN1_ITYPE_MSTRING:
154         return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
155 
156     case ASN1_ITYPE_CHOICE:
157         if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
158             return 0;
159         i = asn1_get_choice_selector(pval, it);
160         if ((i >= 0) && (i < it->tcount)) {
161             ASN1_VALUE **pchval;
162             const ASN1_TEMPLATE *chtt;
163             chtt = it->templates + i;
164             pchval = asn1_get_field_ptr(pval, chtt);
165             return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass);
166         }
167         /* Fixme: error condition if selector out of range */
168         if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
169             return 0;
170         break;
171 
172     case ASN1_ITYPE_EXTERN:
173         /* If new style i2d it does all the work */
174         ef = it->funcs;
175         return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
176 
177     case ASN1_ITYPE_COMPAT:
178         /* old style hackery... */
179         cf = it->funcs;
180         if (out)
181             p = *out;
182         i = cf->asn1_i2d(*pval, out);
183         /*
184          * Fixup for IMPLICIT tag: note this messes up for tags > 30, but so
185          * did the old code. Tags > 30 are very rare anyway.
186          */
187         if (out && (tag != -1))
188             *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
189         return i;
190 
191     case ASN1_ITYPE_NDEF_SEQUENCE:
192         /* Use indefinite length constructed if requested */
193         if (aclass & ASN1_TFLG_NDEF)
194             ndef = 2;
195         OPENSSL_FALLTHROUGH;
196 
197     case ASN1_ITYPE_SEQUENCE:
198         i = asn1_enc_restore(&seqcontlen, out, pval, it);
199         /* An error occurred */
200         if (i < 0)
201             return 0;
202         /* We have a valid cached encoding... */
203         if (i > 0)
204             return seqcontlen;
205         /* Otherwise carry on */
206         seqcontlen = 0;
207         /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
208         if (tag == -1) {
209             tag = V_ASN1_SEQUENCE;
210             /* Retain any other flags in aclass */
211             aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
212                 | V_ASN1_UNIVERSAL;
213         }
214         if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
215             return 0;
216         /* First work out sequence content length */
217         for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
218             const ASN1_TEMPLATE *seqtt;
219             ASN1_VALUE **pseqval;
220             int tmplen;
221             seqtt = asn1_do_adb(pval, tt, 1);
222             if (!seqtt)
223                 return 0;
224             pseqval = asn1_get_field_ptr(pval, seqtt);
225             tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass);
226             if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen))
227                 return -1;
228             seqcontlen += tmplen;
229         }
230 
231         seqlen = ASN1_object_size(ndef, seqcontlen, tag);
232         if (!out || seqlen == -1)
233             return seqlen;
234         /* Output SEQUENCE header */
235         ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
236         for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
237             const ASN1_TEMPLATE *seqtt;
238             ASN1_VALUE **pseqval;
239             seqtt = asn1_do_adb(pval, tt, 1);
240             if (!seqtt)
241                 return 0;
242             pseqval = asn1_get_field_ptr(pval, seqtt);
243             /* FIXME: check for errors in enhanced version */
244             asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
245         }
246         if (ndef == 2)
247             ASN1_put_eoc(out);
248         if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
249             return 0;
250         return seqlen;
251 
252     default:
253         return 0;
254 
255     }
256     return 0;
257 }
258 
asn1_template_ex_i2d(ASN1_VALUE ** pval,unsigned char ** out,const ASN1_TEMPLATE * tt,int tag,int iclass)259 static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
260                                 const ASN1_TEMPLATE *tt, int tag, int iclass)
261 {
262     int i, ret, flags, ttag, tclass, ndef;
263     size_t j;
264     flags = tt->flags;
265     /*
266      * Work out tag and class to use: tagging may come either from the
267      * template or the arguments, not both because this would create
268      * ambiguity. Additionally the iclass argument may contain some
269      * additional flags which should be noted and passed down to other
270      * levels.
271      */
272     if (flags & ASN1_TFLG_TAG_MASK) {
273         /* Error if argument and template tagging */
274         if (tag != -1)
275             /* FIXME: error code here */
276             return -1;
277         /* Get tagging from template */
278         ttag = tt->tag;
279         tclass = flags & ASN1_TFLG_TAG_CLASS;
280     } else if (tag != -1) {
281         /* No template tagging, get from arguments */
282         ttag = tag;
283         tclass = iclass & ASN1_TFLG_TAG_CLASS;
284     } else {
285         ttag = -1;
286         tclass = 0;
287     }
288     /*
289      * Remove any class mask from iflag.
290      */
291     iclass &= ~ASN1_TFLG_TAG_CLASS;
292 
293     /*
294      * At this point 'ttag' contains the outer tag to use, 'tclass' is the
295      * class and iclass is any flags passed to this function.
296      */
297 
298     /* if template and arguments require ndef, use it */
299     if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
300         ndef = 2;
301     else
302         ndef = 1;
303 
304     if (flags & ASN1_TFLG_SK_MASK) {
305         /* SET OF, SEQUENCE OF */
306         STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
307         int isset, sktag, skaclass;
308         int skcontlen, sklen;
309         ASN1_VALUE *skitem;
310 
311         if (!*pval)
312             return 0;
313 
314         if (flags & ASN1_TFLG_SET_OF) {
315             isset = 1;
316             /* 2 means we reorder */
317             if (flags & ASN1_TFLG_SEQUENCE_OF)
318                 isset = 2;
319         } else
320             isset = 0;
321 
322         /*
323          * Work out inner tag value: if EXPLICIT or no tagging use underlying
324          * type.
325          */
326         if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
327             sktag = ttag;
328             skaclass = tclass;
329         } else {
330             skaclass = V_ASN1_UNIVERSAL;
331             if (isset)
332                 sktag = V_ASN1_SET;
333             else
334                 sktag = V_ASN1_SEQUENCE;
335         }
336 
337         /* Determine total length of items */
338         skcontlen = 0;
339         for (j = 0; j < sk_ASN1_VALUE_num(sk); j++) {
340             int tmplen;
341             skitem = sk_ASN1_VALUE_value(sk, j);
342             tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item),
343                                       -1, iclass);
344             if (tmplen == -1 || (skcontlen > INT_MAX - tmplen))
345                 return -1;
346             skcontlen += tmplen;
347         }
348         sklen = ASN1_object_size(ndef, skcontlen, sktag);
349         if (sklen == -1)
350             return -1;
351         /* If EXPLICIT need length of surrounding tag */
352         if (flags & ASN1_TFLG_EXPTAG)
353             ret = ASN1_object_size(ndef, sklen, ttag);
354         else
355             ret = sklen;
356 
357         if (!out || ret == -1)
358             return ret;
359 
360         /* Now encode this lot... */
361         /* EXPLICIT tag */
362         if (flags & ASN1_TFLG_EXPTAG)
363             ASN1_put_object(out, ndef, sklen, ttag, tclass);
364         /* SET or SEQUENCE and IMPLICIT tag */
365         ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
366         /* And the stuff itself */
367         asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
368                          isset, iclass);
369         if (ndef == 2) {
370             ASN1_put_eoc(out);
371             if (flags & ASN1_TFLG_EXPTAG)
372                 ASN1_put_eoc(out);
373         }
374 
375         return ret;
376     }
377 
378     if (flags & ASN1_TFLG_EXPTAG) {
379         /* EXPLICIT tagging */
380         /* Find length of tagged item */
381         i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass);
382         if (!i)
383             return 0;
384         /* Find length of EXPLICIT tag */
385         ret = ASN1_object_size(ndef, i, ttag);
386         if (out && ret != -1) {
387             /* Output tag and item */
388             ASN1_put_object(out, ndef, i, ttag, tclass);
389             ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);
390             if (ndef == 2)
391                 ASN1_put_eoc(out);
392         }
393         return ret;
394     }
395 
396     /* Either normal or IMPLICIT tagging: combine class and flags */
397     return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
398                             ttag, tclass | iclass);
399 
400 }
401 
402 /* Temporary structure used to hold DER encoding of items for SET OF */
403 
404 typedef struct {
405     unsigned char *data;
406     int length;
407     ASN1_VALUE *field;
408 } DER_ENC;
409 
der_cmp(const void * a,const void * b)410 static int der_cmp(const void *a, const void *b)
411 {
412     const DER_ENC *d1 = a, *d2 = b;
413     int cmplen, i;
414     cmplen = (d1->length < d2->length) ? d1->length : d2->length;
415     i = OPENSSL_memcmp(d1->data, d2->data, cmplen);
416     if (i)
417         return i;
418     return d1->length - d2->length;
419 }
420 
421 /* Output the content octets of SET OF or SEQUENCE OF */
422 
asn1_set_seq_out(STACK_OF (ASN1_VALUE)* sk,unsigned char ** out,int skcontlen,const ASN1_ITEM * item,int do_sort,int iclass)423 static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
424                             int skcontlen, const ASN1_ITEM *item,
425                             int do_sort, int iclass)
426 {
427     size_t i;
428     ASN1_VALUE *skitem;
429     unsigned char *tmpdat = NULL, *p = NULL;
430     DER_ENC *derlst = NULL, *tder;
431     if (do_sort) {
432         /* Don't need to sort less than 2 items */
433         if (sk_ASN1_VALUE_num(sk) < 2)
434             do_sort = 0;
435         else {
436             derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
437                                     * sizeof(*derlst));
438             if (!derlst)
439                 return 0;
440             tmpdat = OPENSSL_malloc(skcontlen);
441             if (!tmpdat) {
442                 OPENSSL_free(derlst);
443                 return 0;
444             }
445         }
446     }
447     /* If not sorting just output each item */
448     if (!do_sort) {
449         for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
450             skitem = sk_ASN1_VALUE_value(sk, i);
451             ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
452         }
453         return 1;
454     }
455     p = tmpdat;
456 
457     /* Doing sort: build up a list of each member's DER encoding */
458     for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
459         skitem = sk_ASN1_VALUE_value(sk, i);
460         tder->data = p;
461         tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
462         tder->field = skitem;
463     }
464 
465     /* Now sort them */
466     qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
467     /* Output sorted DER encoding */
468     p = *out;
469     for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
470         OPENSSL_memcpy(p, tder->data, tder->length);
471         p += tder->length;
472     }
473     *out = p;
474     /* If do_sort is 2 then reorder the STACK */
475     if (do_sort == 2) {
476         for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
477             (void)sk_ASN1_VALUE_set(sk, i, tder->field);
478     }
479     OPENSSL_free(derlst);
480     OPENSSL_free(tmpdat);
481     return 1;
482 }
483 
asn1_i2d_ex_primitive(ASN1_VALUE ** pval,unsigned char ** out,const ASN1_ITEM * it,int tag,int aclass)484 static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
485                                  const ASN1_ITEM *it, int tag, int aclass)
486 {
487     int len;
488     int utype;
489     int usetag;
490     int ndef = 0;
491 
492     utype = it->utype;
493 
494     /*
495      * Get length of content octets and maybe find out the underlying type.
496      */
497 
498     len = asn1_ex_i2c(pval, NULL, &utype, it);
499 
500     /*
501      * If SEQUENCE, SET or OTHER then header is included in pseudo content
502      * octets so don't include tag+length. We need to check here because the
503      * call to asn1_ex_i2c() could change utype.
504      */
505     if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
506         (utype == V_ASN1_OTHER))
507         usetag = 0;
508     else
509         usetag = 1;
510 
511     /* -1 means omit type */
512 
513     if (len == -1)
514         return 0;
515 
516     /* -2 return is special meaning use ndef */
517     if (len == -2) {
518         ndef = 2;
519         len = 0;
520     }
521 
522     /* If not implicitly tagged get tag from underlying type */
523     if (tag == -1)
524         tag = utype;
525 
526     /* Output tag+length followed by content octets */
527     if (out) {
528         if (usetag)
529             ASN1_put_object(out, ndef, len, tag, aclass);
530         asn1_ex_i2c(pval, *out, &utype, it);
531         if (ndef)
532             ASN1_put_eoc(out);
533         else
534             *out += len;
535     }
536 
537     if (usetag)
538         return ASN1_object_size(ndef, len, tag);
539     return len;
540 }
541 
542 /* Produce content octets from a structure */
543 
asn1_ex_i2c(ASN1_VALUE ** pval,unsigned char * cout,int * putype,const ASN1_ITEM * it)544 int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
545                 const ASN1_ITEM *it)
546 {
547     ASN1_BOOLEAN *tbool = NULL;
548     ASN1_STRING *strtmp;
549     ASN1_OBJECT *otmp;
550     int utype;
551     const unsigned char *cont;
552     unsigned char c;
553     int len;
554     const ASN1_PRIMITIVE_FUNCS *pf;
555     pf = it->funcs;
556     if (pf && pf->prim_i2c)
557         return pf->prim_i2c(pval, cout, putype, it);
558 
559     /* Should type be omitted? */
560     if ((it->itype != ASN1_ITYPE_PRIMITIVE)
561         || (it->utype != V_ASN1_BOOLEAN)) {
562         if (!*pval)
563             return -1;
564     }
565 
566     if (it->itype == ASN1_ITYPE_MSTRING) {
567         /* If MSTRING type set the underlying type */
568         strtmp = (ASN1_STRING *)*pval;
569         utype = strtmp->type;
570         *putype = utype;
571     } else if (it->utype == V_ASN1_ANY) {
572         /* If ANY set type and pointer to value */
573         ASN1_TYPE *typ;
574         typ = (ASN1_TYPE *)*pval;
575         utype = typ->type;
576         *putype = utype;
577         pval = &typ->value.asn1_value;
578     } else
579         utype = *putype;
580 
581     switch (utype) {
582     case V_ASN1_OBJECT:
583         otmp = (ASN1_OBJECT *)*pval;
584         cont = otmp->data;
585         len = otmp->length;
586         if (cont == NULL || len == 0)
587             return -1;
588         break;
589 
590     case V_ASN1_NULL:
591         cont = NULL;
592         len = 0;
593         break;
594 
595     case V_ASN1_BOOLEAN:
596         tbool = (ASN1_BOOLEAN *)pval;
597         if (*tbool == -1)
598             return -1;
599         if (it->utype != V_ASN1_ANY) {
600             /*
601              * Default handling if value == size field then omit
602              */
603             if (*tbool && (it->size > 0))
604                 return -1;
605             if (!*tbool && !it->size)
606                 return -1;
607         }
608         c = (unsigned char)*tbool;
609         cont = &c;
610         len = 1;
611         break;
612 
613     case V_ASN1_BIT_STRING:
614         return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
615                                    cout ? &cout : NULL);
616         break;
617 
618     case V_ASN1_INTEGER:
619     case V_ASN1_ENUMERATED:
620         /*
621          * These are all have the same content format as ASN1_INTEGER
622          */
623         return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
624         break;
625 
626     case V_ASN1_OCTET_STRING:
627     case V_ASN1_NUMERICSTRING:
628     case V_ASN1_PRINTABLESTRING:
629     case V_ASN1_T61STRING:
630     case V_ASN1_VIDEOTEXSTRING:
631     case V_ASN1_IA5STRING:
632     case V_ASN1_UTCTIME:
633     case V_ASN1_GENERALIZEDTIME:
634     case V_ASN1_GRAPHICSTRING:
635     case V_ASN1_VISIBLESTRING:
636     case V_ASN1_GENERALSTRING:
637     case V_ASN1_UNIVERSALSTRING:
638     case V_ASN1_BMPSTRING:
639     case V_ASN1_UTF8STRING:
640     case V_ASN1_SEQUENCE:
641     case V_ASN1_SET:
642     default:
643         /* All based on ASN1_STRING and handled the same */
644         strtmp = (ASN1_STRING *)*pval;
645         /* Special handling for NDEF */
646         if ((it->size == ASN1_TFLG_NDEF)
647             && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
648             if (cout) {
649                 strtmp->data = cout;
650                 strtmp->length = 0;
651             }
652             /* Special return code */
653             return -2;
654         }
655         cont = strtmp->data;
656         len = strtmp->length;
657 
658         break;
659 
660     }
661     if (cout && len)
662         OPENSSL_memcpy(cout, cont, len);
663     return len;
664 }
665