1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
56
57 #include <openssl/asn1.h>
58
59 #include <limits.h>
60 #include <string.h>
61
62 #include <openssl/err.h>
63 #include <openssl/mem.h>
64 #include <openssl/obj.h>
65
66 #include "../internal.h"
67
68
i2d_ASN1_OBJECT(ASN1_OBJECT * a,unsigned char ** pp)69 int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
70 {
71 unsigned char *p;
72 int objsize;
73
74 if ((a == NULL) || (a->data == NULL))
75 return (0);
76
77 objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
78 if (pp == NULL || objsize == -1)
79 return objsize;
80
81 p = *pp;
82 ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
83 OPENSSL_memcpy(p, a->data, a->length);
84 p += a->length;
85
86 *pp = p;
87 return (objsize);
88 }
89
a2d_ASN1_OBJECT(unsigned char * out,int olen,const char * buf,int num)90 int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
91 {
92 int i, first, len = 0, c, use_bn;
93 char ftmp[24], *tmp = ftmp;
94 int tmpsize = sizeof ftmp;
95 const char *p;
96 unsigned long l;
97 BIGNUM *bl = NULL;
98
99 if (num == 0)
100 return (0);
101 else if (num == -1)
102 num = strlen(buf);
103
104 p = buf;
105 c = *(p++);
106 num--;
107 if ((c >= '0') && (c <= '2')) {
108 first = c - '0';
109 } else {
110 OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIRST_NUM_TOO_LARGE);
111 goto err;
112 }
113
114 if (num <= 0) {
115 OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_SECOND_NUMBER);
116 goto err;
117 }
118 c = *(p++);
119 num--;
120 for (;;) {
121 if (num <= 0)
122 break;
123 if ((c != '.') && (c != ' ')) {
124 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_SEPARATOR);
125 goto err;
126 }
127 l = 0;
128 use_bn = 0;
129 for (;;) {
130 if (num <= 0)
131 break;
132 num--;
133 c = *(p++);
134 if ((c == ' ') || (c == '.'))
135 break;
136 if ((c < '0') || (c > '9')) {
137 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_DIGIT);
138 goto err;
139 }
140 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
141 use_bn = 1;
142 if (!bl)
143 bl = BN_new();
144 if (!bl || !BN_set_word(bl, l))
145 goto err;
146 }
147 if (use_bn) {
148 if (!BN_mul_word(bl, 10L)
149 || !BN_add_word(bl, c - '0'))
150 goto err;
151 } else
152 l = l * 10L + (long)(c - '0');
153 }
154 if (len == 0) {
155 if ((first < 2) && (l >= 40)) {
156 OPENSSL_PUT_ERROR(ASN1, ASN1_R_SECOND_NUMBER_TOO_LARGE);
157 goto err;
158 }
159 if (use_bn) {
160 if (!BN_add_word(bl, first * 40))
161 goto err;
162 } else
163 l += (long)first *40;
164 }
165 i = 0;
166 if (use_bn) {
167 int blsize;
168 blsize = BN_num_bits(bl);
169 blsize = (blsize + 6) / 7;
170 if (blsize > tmpsize) {
171 if (tmp != ftmp)
172 OPENSSL_free(tmp);
173 tmpsize = blsize + 32;
174 tmp = OPENSSL_malloc(tmpsize);
175 if (!tmp)
176 goto err;
177 }
178 while (blsize--) {
179 BN_ULONG t = BN_div_word(bl, 0x80L);
180 if (t == (BN_ULONG)-1)
181 goto err;
182 tmp[i++] = (unsigned char)t;
183 }
184 } else {
185
186 for (;;) {
187 tmp[i++] = (unsigned char)l & 0x7f;
188 l >>= 7L;
189 if (l == 0L)
190 break;
191 }
192
193 }
194 if (out != NULL) {
195 if (len + i > olen) {
196 OPENSSL_PUT_ERROR(ASN1, ASN1_R_BUFFER_TOO_SMALL);
197 goto err;
198 }
199 while (--i > 0)
200 out[len++] = tmp[i] | 0x80;
201 out[len++] = tmp[0];
202 } else
203 len += i;
204 }
205 if (tmp != ftmp)
206 OPENSSL_free(tmp);
207 if (bl)
208 BN_free(bl);
209 return (len);
210 err:
211 if (tmp != ftmp)
212 OPENSSL_free(tmp);
213 if (bl)
214 BN_free(bl);
215 return (0);
216 }
217
i2t_ASN1_OBJECT(char * buf,int buf_len,ASN1_OBJECT * a)218 int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
219 {
220 return OBJ_obj2txt(buf, buf_len, a, 0);
221 }
222
i2a_ASN1_OBJECT(BIO * bp,ASN1_OBJECT * a)223 int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
224 {
225 char buf[80], *p = buf;
226 int i;
227
228 if ((a == NULL) || (a->data == NULL))
229 return (BIO_write(bp, "NULL", 4));
230 i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
231 if (i > (int)(sizeof(buf) - 1)) {
232 p = OPENSSL_malloc(i + 1);
233 if (!p)
234 return -1;
235 i2t_ASN1_OBJECT(p, i + 1, a);
236 }
237 if (i <= 0)
238 return BIO_write(bp, "<INVALID>", 9);
239 BIO_write(bp, p, i);
240 if (p != buf)
241 OPENSSL_free(p);
242 return (i);
243 }
244
d2i_ASN1_OBJECT(ASN1_OBJECT ** a,const unsigned char ** pp,long length)245 ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
246 long length)
247 {
248 const unsigned char *p;
249 long len;
250 int tag, xclass;
251 int inf, i;
252 ASN1_OBJECT *ret = NULL;
253 p = *pp;
254 inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
255 if (inf & 0x80) {
256 i = ASN1_R_BAD_OBJECT_HEADER;
257 goto err;
258 }
259
260 if (tag != V_ASN1_OBJECT) {
261 i = ASN1_R_EXPECTING_AN_OBJECT;
262 goto err;
263 }
264 ret = c2i_ASN1_OBJECT(a, &p, len);
265 if (ret)
266 *pp = p;
267 return ret;
268 err:
269 OPENSSL_PUT_ERROR(ASN1, i);
270 return (NULL);
271 }
272
c2i_ASN1_OBJECT(ASN1_OBJECT ** a,const unsigned char ** pp,long len)273 ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
274 long len)
275 {
276 ASN1_OBJECT *ret = NULL;
277 const unsigned char *p;
278 unsigned char *data;
279 int i, length;
280
281 /*
282 * Sanity check OID encoding. Need at least one content octet. MSB must
283 * be clear in the last octet. can't have leading 0x80 in subidentifiers,
284 * see: X.690 8.19.2
285 */
286 if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
287 p[len - 1] & 0x80) {
288 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING);
289 return NULL;
290 }
291 /* Now 0 < len <= INT_MAX, so the cast is safe. */
292 length = (int)len;
293 for (i = 0; i < length; i++, p++) {
294 if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
295 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING);
296 return NULL;
297 }
298 }
299
300 /*
301 * only the ASN1_OBJECTs from the 'table' will have values for ->sn or
302 * ->ln
303 */
304 if ((a == NULL) || ((*a) == NULL) ||
305 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
306 if ((ret = ASN1_OBJECT_new()) == NULL)
307 return (NULL);
308 } else
309 ret = (*a);
310
311 p = *pp;
312 /* detach data from object */
313 data = (unsigned char *)ret->data;
314 ret->data = NULL;
315 /* once detached we can change it */
316 if ((data == NULL) || (ret->length < length)) {
317 ret->length = 0;
318 if (data != NULL)
319 OPENSSL_free(data);
320 data = (unsigned char *)OPENSSL_malloc(length);
321 if (data == NULL) {
322 i = ERR_R_MALLOC_FAILURE;
323 goto err;
324 }
325 ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
326 }
327 OPENSSL_memcpy(data, p, length);
328 /* reattach data to object, after which it remains const */
329 ret->data = data;
330 ret->length = length;
331 ret->sn = NULL;
332 ret->ln = NULL;
333 /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
334 p += length;
335
336 if (a != NULL)
337 (*a) = ret;
338 *pp = p;
339 return (ret);
340 err:
341 OPENSSL_PUT_ERROR(ASN1, i);
342 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
343 ASN1_OBJECT_free(ret);
344 return (NULL);
345 }
346
ASN1_OBJECT_new(void)347 ASN1_OBJECT *ASN1_OBJECT_new(void)
348 {
349 ASN1_OBJECT *ret;
350
351 ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
352 if (ret == NULL) {
353 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
354 return (NULL);
355 }
356 ret->length = 0;
357 ret->data = NULL;
358 ret->nid = 0;
359 ret->sn = NULL;
360 ret->ln = NULL;
361 ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
362 return (ret);
363 }
364
ASN1_OBJECT_free(ASN1_OBJECT * a)365 void ASN1_OBJECT_free(ASN1_OBJECT *a)
366 {
367 if (a == NULL)
368 return;
369 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
370 #ifndef CONST_STRICT /* disable purely for compile-time strict
371 * const checking. Doing this on a "real"
372 * compile will cause memory leaks */
373 if (a->sn != NULL)
374 OPENSSL_free((void *)a->sn);
375 if (a->ln != NULL)
376 OPENSSL_free((void *)a->ln);
377 #endif
378 a->sn = a->ln = NULL;
379 }
380 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
381 if (a->data != NULL)
382 OPENSSL_free((void *)a->data);
383 a->data = NULL;
384 a->length = 0;
385 }
386 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
387 OPENSSL_free(a);
388 }
389
ASN1_OBJECT_create(int nid,unsigned char * data,int len,const char * sn,const char * ln)390 ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
391 const char *sn, const char *ln)
392 {
393 ASN1_OBJECT o;
394
395 o.sn = sn;
396 o.ln = ln;
397 o.data = data;
398 o.nid = nid;
399 o.length = len;
400 o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
401 ASN1_OBJECT_FLAG_DYNAMIC_DATA;
402 return (OBJ_dup(&o));
403 }
404