1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
56
57 #include <openssl/asn1.h>
58
59 #include <string.h>
60
61 #include <openssl/err.h>
62 #include <openssl/mem.h>
63
64
65 static int traverse_string(const unsigned char *p, int len, int inform,
66 int (*rfunc)(unsigned long value, void *in), void *arg);
67 static int in_utf8(unsigned long value, void *arg);
68 static int out_utf8(unsigned long value, void *arg);
69 static int type_str(unsigned long value, void *arg);
70 static int cpy_asc(unsigned long value, void *arg);
71 static int cpy_bmp(unsigned long value, void *arg);
72 static int cpy_univ(unsigned long value, void *arg);
73 static int cpy_utf8(unsigned long value, void *arg);
74 static int is_printable(unsigned long value);
75
76 /* These functions take a string in UTF8, ASCII or multibyte form and
77 * a mask of permissible ASN1 string types. It then works out the minimal
78 * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8)
79 * and creates a string of the correct type with the supplied data.
80 * Yes this is horrible: it has to be :-(
81 * The 'ncopy' form checks minimum and maximum size limits too.
82 */
83
ASN1_mbstring_copy(ASN1_STRING ** out,const unsigned char * in,int len,int inform,unsigned long mask)84 int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
85 int inform, unsigned long mask)
86 {
87 return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
88 }
89
ASN1_mbstring_ncopy(ASN1_STRING ** out,const unsigned char * in,int len,int inform,unsigned long mask,long minsize,long maxsize)90 int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
91 int inform, unsigned long mask,
92 long minsize, long maxsize)
93 {
94 int str_type;
95 int ret;
96 char free_out;
97 int outform, outlen = 0;
98 ASN1_STRING *dest;
99 unsigned char *p;
100 int nchar;
101 char strbuf[32];
102 int (*cpyfunc)(unsigned long,void *) = NULL;
103 if(len == -1) len = strlen((const char *)in);
104 if(!mask) mask = DIRSTRING_TYPE;
105
106 /* First do a string check and work out the number of characters */
107 switch(inform) {
108
109 case MBSTRING_BMP:
110 if(len & 1) {
111 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH);
112 return -1;
113 }
114 nchar = len >> 1;
115 break;
116
117 case MBSTRING_UNIV:
118 if(len & 3) {
119 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
120 return -1;
121 }
122 nchar = len >> 2;
123 break;
124
125 case MBSTRING_UTF8:
126 nchar = 0;
127 /* This counts the characters and does utf8 syntax checking */
128 ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
129 if(ret < 0) {
130 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UTF8STRING);
131 return -1;
132 }
133 break;
134
135 case MBSTRING_ASC:
136 nchar = len;
137 break;
138
139 default:
140 OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT);
141 return -1;
142 }
143
144 if((minsize > 0) && (nchar < minsize)) {
145 OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT);
146 BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
147 ERR_add_error_data(2, "minsize=", strbuf);
148 return -1;
149 }
150
151 if((maxsize > 0) && (nchar > maxsize)) {
152 OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG);
153 BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
154 ERR_add_error_data(2, "maxsize=", strbuf);
155 return -1;
156 }
157
158 /* Now work out minimal type (if any) */
159 if(traverse_string(in, len, inform, type_str, &mask) < 0) {
160 OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_CHARACTERS);
161 return -1;
162 }
163
164
165 /* Now work out output format and string type */
166 outform = MBSTRING_ASC;
167 if(mask & B_ASN1_PRINTABLESTRING) str_type = V_ASN1_PRINTABLESTRING;
168 else if(mask & B_ASN1_IA5STRING) str_type = V_ASN1_IA5STRING;
169 else if(mask & B_ASN1_T61STRING) str_type = V_ASN1_T61STRING;
170 else if(mask & B_ASN1_BMPSTRING) {
171 str_type = V_ASN1_BMPSTRING;
172 outform = MBSTRING_BMP;
173 } else if(mask & B_ASN1_UNIVERSALSTRING) {
174 str_type = V_ASN1_UNIVERSALSTRING;
175 outform = MBSTRING_UNIV;
176 } else {
177 str_type = V_ASN1_UTF8STRING;
178 outform = MBSTRING_UTF8;
179 }
180 if(!out) return str_type;
181 if(*out) {
182 free_out = 0;
183 dest = *out;
184 if(dest->data) {
185 dest->length = 0;
186 OPENSSL_free(dest->data);
187 dest->data = NULL;
188 }
189 dest->type = str_type;
190 } else {
191 free_out = 1;
192 dest = ASN1_STRING_type_new(str_type);
193 if(!dest) {
194 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
195 return -1;
196 }
197 *out = dest;
198 }
199 /* If both the same type just copy across */
200 if(inform == outform) {
201 if(!ASN1_STRING_set(dest, in, len)) {
202 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
203 return -1;
204 }
205 return str_type;
206 }
207
208 /* Work out how much space the destination will need */
209 switch(outform) {
210 case MBSTRING_ASC:
211 outlen = nchar;
212 cpyfunc = cpy_asc;
213 break;
214
215 case MBSTRING_BMP:
216 outlen = nchar << 1;
217 cpyfunc = cpy_bmp;
218 break;
219
220 case MBSTRING_UNIV:
221 outlen = nchar << 2;
222 cpyfunc = cpy_univ;
223 break;
224
225 case MBSTRING_UTF8:
226 outlen = 0;
227 traverse_string(in, len, inform, out_utf8, &outlen);
228 cpyfunc = cpy_utf8;
229 break;
230 }
231 if(!(p = OPENSSL_malloc(outlen + 1))) {
232 if(free_out) ASN1_STRING_free(dest);
233 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
234 return -1;
235 }
236 dest->length = outlen;
237 dest->data = p;
238 p[outlen] = 0;
239 traverse_string(in, len, inform, cpyfunc, &p);
240 return str_type;
241 }
242
243 /* This function traverses a string and passes the value of each character
244 * to an optional function along with a void * argument.
245 */
246
traverse_string(const unsigned char * p,int len,int inform,int (* rfunc)(unsigned long value,void * in),void * arg)247 static int traverse_string(const unsigned char *p, int len, int inform,
248 int (*rfunc)(unsigned long value, void *in), void *arg)
249 {
250 unsigned long value;
251 int ret;
252 while(len) {
253 if(inform == MBSTRING_ASC) {
254 value = *p++;
255 len--;
256 } else if(inform == MBSTRING_BMP) {
257 value = *p++ << 8;
258 value |= *p++;
259 len -= 2;
260 } else if(inform == MBSTRING_UNIV) {
261 value = ((unsigned long)*p++) << 24;
262 value |= ((unsigned long)*p++) << 16;
263 value |= *p++ << 8;
264 value |= *p++;
265 len -= 4;
266 } else {
267 ret = UTF8_getc(p, len, &value);
268 if(ret < 0) return -1;
269 len -= ret;
270 p += ret;
271 }
272 if(rfunc) {
273 ret = rfunc(value, arg);
274 if(ret <= 0) return ret;
275 }
276 }
277 return 1;
278 }
279
280 /* Various utility functions for traverse_string */
281
282 /* Just count number of characters */
283
in_utf8(unsigned long value,void * arg)284 static int in_utf8(unsigned long value, void *arg)
285 {
286 int *nchar;
287 nchar = arg;
288 (*nchar)++;
289 return 1;
290 }
291
292 /* Determine size of output as a UTF8 String */
293
out_utf8(unsigned long value,void * arg)294 static int out_utf8(unsigned long value, void *arg)
295 {
296 int *outlen;
297 outlen = arg;
298 *outlen += UTF8_putc(NULL, -1, value);
299 return 1;
300 }
301
302 /* Determine the "type" of a string: check each character against a
303 * supplied "mask".
304 */
305
type_str(unsigned long value,void * arg)306 static int type_str(unsigned long value, void *arg)
307 {
308 unsigned long types;
309 types = *((unsigned long *)arg);
310 if((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
311 types &= ~B_ASN1_PRINTABLESTRING;
312 if((types & B_ASN1_IA5STRING) && (value > 127))
313 types &= ~B_ASN1_IA5STRING;
314 if((types & B_ASN1_T61STRING) && (value > 0xff))
315 types &= ~B_ASN1_T61STRING;
316 if((types & B_ASN1_BMPSTRING) && (value > 0xffff))
317 types &= ~B_ASN1_BMPSTRING;
318 if(!types) return -1;
319 *((unsigned long *)arg) = types;
320 return 1;
321 }
322
323 /* Copy one byte per character ASCII like strings */
324
cpy_asc(unsigned long value,void * arg)325 static int cpy_asc(unsigned long value, void *arg)
326 {
327 unsigned char **p, *q;
328 p = arg;
329 q = *p;
330 *q = (unsigned char) value;
331 (*p)++;
332 return 1;
333 }
334
335 /* Copy two byte per character BMPStrings */
336
cpy_bmp(unsigned long value,void * arg)337 static int cpy_bmp(unsigned long value, void *arg)
338 {
339 unsigned char **p, *q;
340 p = arg;
341 q = *p;
342 *q++ = (unsigned char) ((value >> 8) & 0xff);
343 *q = (unsigned char) (value & 0xff);
344 *p += 2;
345 return 1;
346 }
347
348 /* Copy four byte per character UniversalStrings */
349
cpy_univ(unsigned long value,void * arg)350 static int cpy_univ(unsigned long value, void *arg)
351 {
352 unsigned char **p, *q;
353 p = arg;
354 q = *p;
355 *q++ = (unsigned char) ((value >> 24) & 0xff);
356 *q++ = (unsigned char) ((value >> 16) & 0xff);
357 *q++ = (unsigned char) ((value >> 8) & 0xff);
358 *q = (unsigned char) (value & 0xff);
359 *p += 4;
360 return 1;
361 }
362
363 /* Copy to a UTF8String */
364
cpy_utf8(unsigned long value,void * arg)365 static int cpy_utf8(unsigned long value, void *arg)
366 {
367 unsigned char **p;
368 int ret;
369 p = arg;
370 /* We already know there is enough room so pass 0xff as the length */
371 ret = UTF8_putc(*p, 0xff, value);
372 *p += ret;
373 return 1;
374 }
375
376 /* Return 1 if the character is permitted in a PrintableString */
is_printable(unsigned long value)377 static int is_printable(unsigned long value)
378 {
379 int ch;
380 if(value > 0x7f) return 0;
381 ch = (int) value;
382 /* Note: we can't use 'isalnum' because certain accented
383 * characters may count as alphanumeric in some environments.
384 */
385 if((ch >= 'a') && (ch <= 'z')) return 1;
386 if((ch >= 'A') && (ch <= 'Z')) return 1;
387 if((ch >= '0') && (ch <= '9')) return 1;
388 if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1;
389 return 0;
390 }
391