OLD | NEW |
| (Empty) |
1 /* asn1_gen.c */ | |
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | |
3 * project 2002. | |
4 */ | |
5 /* ==================================================================== | |
6 * Copyright (c) 2002 The OpenSSL Project. All rights reserved. | |
7 * | |
8 * Redistribution and use in source and binary forms, with or without | |
9 * modification, are permitted provided that the following conditions | |
10 * are met: | |
11 * | |
12 * 1. Redistributions of source code must retain the above copyright | |
13 * notice, this list of conditions and the following disclaimer. | |
14 * | |
15 * 2. Redistributions in binary form must reproduce the above copyright | |
16 * notice, this list of conditions and the following disclaimer in | |
17 * the documentation and/or other materials provided with the | |
18 * distribution. | |
19 * | |
20 * 3. All advertising materials mentioning features or use of this | |
21 * software must display the following acknowledgment: | |
22 * "This product includes software developed by the OpenSSL Project | |
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
24 * | |
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
26 * endorse or promote products derived from this software without | |
27 * prior written permission. For written permission, please contact | |
28 * licensing@OpenSSL.org. | |
29 * | |
30 * 5. Products derived from this software may not be called "OpenSSL" | |
31 * nor may "OpenSSL" appear in their names without prior written | |
32 * permission of the OpenSSL Project. | |
33 * | |
34 * 6. Redistributions of any form whatsoever must retain the following | |
35 * acknowledgment: | |
36 * "This product includes software developed by the OpenSSL Project | |
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
38 * | |
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
50 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
51 * ==================================================================== | |
52 * | |
53 * This product includes cryptographic software written by Eric Young | |
54 * (eay@cryptsoft.com). This product includes software written by Tim | |
55 * Hudson (tjh@cryptsoft.com). | |
56 * | |
57 */ | |
58 | |
59 #include "cryptlib.h" | |
60 #include <openssl/asn1.h> | |
61 #include <openssl/x509v3.h> | |
62 | |
63 #define ASN1_GEN_FLAG 0x10000 | |
64 #define ASN1_GEN_FLAG_IMP (ASN1_GEN_FLAG|1) | |
65 #define ASN1_GEN_FLAG_EXP (ASN1_GEN_FLAG|2) | |
66 #define ASN1_GEN_FLAG_TAG (ASN1_GEN_FLAG|3) | |
67 #define ASN1_GEN_FLAG_BITWRAP (ASN1_GEN_FLAG|4) | |
68 #define ASN1_GEN_FLAG_OCTWRAP (ASN1_GEN_FLAG|5) | |
69 #define ASN1_GEN_FLAG_SEQWRAP (ASN1_GEN_FLAG|6) | |
70 #define ASN1_GEN_FLAG_SETWRAP (ASN1_GEN_FLAG|7) | |
71 #define ASN1_GEN_FLAG_FORMAT (ASN1_GEN_FLAG|8) | |
72 | |
73 #define ASN1_GEN_STR(str,val) {str, sizeof(str) - 1, val} | |
74 | |
75 #define ASN1_FLAG_EXP_MAX 20 | |
76 | |
77 /* Input formats */ | |
78 | |
79 /* ASCII: default */ | |
80 #define ASN1_GEN_FORMAT_ASCII 1 | |
81 /* UTF8 */ | |
82 #define ASN1_GEN_FORMAT_UTF8 2 | |
83 /* Hex */ | |
84 #define ASN1_GEN_FORMAT_HEX 3 | |
85 /* List of bits */ | |
86 #define ASN1_GEN_FORMAT_BITLIST 4 | |
87 | |
88 | |
89 struct tag_name_st | |
90 { | |
91 const char *strnam; | |
92 int len; | |
93 int tag; | |
94 }; | |
95 | |
96 typedef struct | |
97 { | |
98 int exp_tag; | |
99 int exp_class; | |
100 int exp_constructed; | |
101 int exp_pad; | |
102 long exp_len; | |
103 } tag_exp_type; | |
104 | |
105 typedef struct | |
106 { | |
107 int imp_tag; | |
108 int imp_class; | |
109 int utype; | |
110 int format; | |
111 const char *str; | |
112 tag_exp_type exp_list[ASN1_FLAG_EXP_MAX]; | |
113 int exp_count; | |
114 } tag_exp_arg; | |
115 | |
116 static int bitstr_cb(const char *elem, int len, void *bitstr); | |
117 static int asn1_cb(const char *elem, int len, void *bitstr); | |
118 static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons
tructed, int exp_pad, int imp_ok); | |
119 static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass); | |
120 static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf); | |
121 static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype); | |
122 static int asn1_str2tag(const char *tagstr, int len); | |
123 | |
124 ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf) | |
125 { | |
126 X509V3_CTX cnf; | |
127 | |
128 if (!nconf) | |
129 return ASN1_generate_v3(str, NULL); | |
130 | |
131 X509V3_set_nconf(&cnf, nconf); | |
132 return ASN1_generate_v3(str, &cnf); | |
133 } | |
134 | |
135 ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) | |
136 { | |
137 ASN1_TYPE *ret; | |
138 tag_exp_arg asn1_tags; | |
139 tag_exp_type *etmp; | |
140 | |
141 int i, len; | |
142 | |
143 unsigned char *orig_der = NULL, *new_der = NULL; | |
144 const unsigned char *cpy_start; | |
145 unsigned char *p; | |
146 const unsigned char *cp; | |
147 int cpy_len; | |
148 long hdr_len; | |
149 int hdr_constructed = 0, hdr_tag, hdr_class; | |
150 int r; | |
151 | |
152 asn1_tags.imp_tag = -1; | |
153 asn1_tags.imp_class = -1; | |
154 asn1_tags.format = ASN1_GEN_FORMAT_ASCII; | |
155 asn1_tags.exp_count = 0; | |
156 if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) | |
157 return NULL; | |
158 | |
159 if ((asn1_tags.utype == V_ASN1_SEQUENCE) || (asn1_tags.utype == V_ASN1_S
ET)) | |
160 { | |
161 if (!cnf) | |
162 { | |
163 ASN1err(ASN1_F_ASN1_GENERATE_V3, ASN1_R_SEQUENCE_OR_SET_
NEEDS_CONFIG); | |
164 return NULL; | |
165 } | |
166 ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf); | |
167 } | |
168 else | |
169 ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.u
type); | |
170 | |
171 if (!ret) | |
172 return NULL; | |
173 | |
174 /* If no tagging return base type */ | |
175 if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0)) | |
176 return ret; | |
177 | |
178 /* Generate the encoding */ | |
179 cpy_len = i2d_ASN1_TYPE(ret, &orig_der); | |
180 ASN1_TYPE_free(ret); | |
181 ret = NULL; | |
182 /* Set point to start copying for modified encoding */ | |
183 cpy_start = orig_der; | |
184 | |
185 /* Do we need IMPLICIT tagging? */ | |
186 if (asn1_tags.imp_tag != -1) | |
187 { | |
188 /* If IMPLICIT we will replace the underlying tag */ | |
189 /* Skip existing tag+len */ | |
190 r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class,
cpy_len); | |
191 if (r & 0x80) | |
192 goto err; | |
193 /* Update copy length */ | |
194 cpy_len -= cpy_start - orig_der; | |
195 /* For IMPLICIT tagging the length should match the | |
196 * original length and constructed flag should be | |
197 * consistent. | |
198 */ | |
199 if (r & 0x1) | |
200 { | |
201 /* Indefinite length constructed */ | |
202 hdr_constructed = 2; | |
203 hdr_len = 0; | |
204 } | |
205 else | |
206 /* Just retain constructed flag */ | |
207 hdr_constructed = r & V_ASN1_CONSTRUCTED; | |
208 /* Work out new length with IMPLICIT tag: ignore constructed | |
209 * because it will mess up if indefinite length | |
210 */ | |
211 len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag); | |
212 } | |
213 else | |
214 len = cpy_len; | |
215 | |
216 /* Work out length in any EXPLICIT, starting from end */ | |
217 | |
218 for(i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1; i < asn1
_tags.exp_count; i++, etmp--) | |
219 { | |
220 /* Content length: number of content octets + any padding */ | |
221 len += etmp->exp_pad; | |
222 etmp->exp_len = len; | |
223 /* Total object length: length including new header */ | |
224 len = ASN1_object_size(0, len, etmp->exp_tag); | |
225 } | |
226 | |
227 /* Allocate buffer for new encoding */ | |
228 | |
229 new_der = OPENSSL_malloc(len); | |
230 if (!new_der) | |
231 goto err; | |
232 | |
233 /* Generate tagged encoding */ | |
234 | |
235 p = new_der; | |
236 | |
237 /* Output explicit tags first */ | |
238 | |
239 for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count; i++, etm
p++) | |
240 { | |
241 ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len, | |
242 etmp->exp_tag, etmp->exp_class); | |
243 if (etmp->exp_pad) | |
244 *p++ = 0; | |
245 } | |
246 | |
247 /* If IMPLICIT, output tag */ | |
248 | |
249 if (asn1_tags.imp_tag != -1) | |
250 { | |
251 if (asn1_tags.imp_class == V_ASN1_UNIVERSAL | |
252 && (asn1_tags.imp_tag == V_ASN1_SEQUENCE | |
253 || asn1_tags.imp_tag == V_ASN1_SET) ) | |
254 hdr_constructed = V_ASN1_CONSTRUCTED; | |
255 ASN1_put_object(&p, hdr_constructed, hdr_len, | |
256 asn1_tags.imp_tag, asn1_tags.imp_class); | |
257 } | |
258 | |
259 /* Copy across original encoding */ | |
260 memcpy(p, cpy_start, cpy_len); | |
261 | |
262 cp = new_der; | |
263 | |
264 /* Obtain new ASN1_TYPE structure */ | |
265 ret = d2i_ASN1_TYPE(NULL, &cp, len); | |
266 | |
267 err: | |
268 if (orig_der) | |
269 OPENSSL_free(orig_der); | |
270 if (new_der) | |
271 OPENSSL_free(new_der); | |
272 | |
273 return ret; | |
274 | |
275 } | |
276 | |
277 static int asn1_cb(const char *elem, int len, void *bitstr) | |
278 { | |
279 tag_exp_arg *arg = bitstr; | |
280 int i; | |
281 int utype; | |
282 int vlen = 0; | |
283 const char *p, *vstart = NULL; | |
284 | |
285 int tmp_tag, tmp_class; | |
286 | |
287 for(i = 0, p = elem; i < len; p++, i++) | |
288 { | |
289 /* Look for the ':' in name value pairs */ | |
290 if (*p == ':') | |
291 { | |
292 vstart = p + 1; | |
293 vlen = len - (vstart - elem); | |
294 len = p - elem; | |
295 break; | |
296 } | |
297 } | |
298 | |
299 utype = asn1_str2tag(elem, len); | |
300 | |
301 if (utype == -1) | |
302 { | |
303 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG); | |
304 ERR_add_error_data(2, "tag=", elem); | |
305 return -1; | |
306 } | |
307 | |
308 /* If this is not a modifier mark end of string and exit */ | |
309 if (!(utype & ASN1_GEN_FLAG)) | |
310 { | |
311 arg->utype = utype; | |
312 arg->str = vstart; | |
313 /* If no value and not end of string, error */ | |
314 if (!vstart && elem[len]) | |
315 { | |
316 ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE); | |
317 return -1; | |
318 } | |
319 return 0; | |
320 } | |
321 | |
322 switch(utype) | |
323 { | |
324 | |
325 case ASN1_GEN_FLAG_IMP: | |
326 /* Check for illegal multiple IMPLICIT tagging */ | |
327 if (arg->imp_tag != -1) | |
328 { | |
329 ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING); | |
330 return -1; | |
331 } | |
332 if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class)
) | |
333 return -1; | |
334 break; | |
335 | |
336 case ASN1_GEN_FLAG_EXP: | |
337 | |
338 if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class)) | |
339 return -1; | |
340 if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0)) | |
341 return -1; | |
342 break; | |
343 | |
344 case ASN1_GEN_FLAG_SEQWRAP: | |
345 if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1)
) | |
346 return -1; | |
347 break; | |
348 | |
349 case ASN1_GEN_FLAG_SETWRAP: | |
350 if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1)) | |
351 return -1; | |
352 break; | |
353 | |
354 case ASN1_GEN_FLAG_BITWRAP: | |
355 if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1,
1)) | |
356 return -1; | |
357 break; | |
358 | |
359 case ASN1_GEN_FLAG_OCTWRAP: | |
360 if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0
, 1)) | |
361 return -1; | |
362 break; | |
363 | |
364 case ASN1_GEN_FLAG_FORMAT: | |
365 if (!strncmp(vstart, "ASCII", 5)) | |
366 arg->format = ASN1_GEN_FORMAT_ASCII; | |
367 else if (!strncmp(vstart, "UTF8", 4)) | |
368 arg->format = ASN1_GEN_FORMAT_UTF8; | |
369 else if (!strncmp(vstart, "HEX", 3)) | |
370 arg->format = ASN1_GEN_FORMAT_HEX; | |
371 else if (!strncmp(vstart, "BITLIST", 3)) | |
372 arg->format = ASN1_GEN_FORMAT_BITLIST; | |
373 else | |
374 { | |
375 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT); | |
376 return -1; | |
377 } | |
378 break; | |
379 | |
380 } | |
381 | |
382 return 1; | |
383 | |
384 } | |
385 | |
386 static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) | |
387 { | |
388 char erch[2]; | |
389 long tag_num; | |
390 char *eptr; | |
391 if (!vstart) | |
392 return 0; | |
393 tag_num = strtoul(vstart, &eptr, 10); | |
394 /* Check we haven't gone past max length: should be impossible */ | |
395 if (eptr && *eptr && (eptr > vstart + vlen)) | |
396 return 0; | |
397 if (tag_num < 0) | |
398 { | |
399 ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER); | |
400 return 0; | |
401 } | |
402 *ptag = tag_num; | |
403 /* If we have non numeric characters, parse them */ | |
404 if (eptr) | |
405 vlen -= eptr - vstart; | |
406 else | |
407 vlen = 0; | |
408 if (vlen) | |
409 { | |
410 switch (*eptr) | |
411 { | |
412 | |
413 case 'U': | |
414 *pclass = V_ASN1_UNIVERSAL; | |
415 break; | |
416 | |
417 case 'A': | |
418 *pclass = V_ASN1_APPLICATION; | |
419 break; | |
420 | |
421 case 'P': | |
422 *pclass = V_ASN1_PRIVATE; | |
423 break; | |
424 | |
425 case 'C': | |
426 *pclass = V_ASN1_CONTEXT_SPECIFIC; | |
427 break; | |
428 | |
429 default: | |
430 erch[0] = *eptr; | |
431 erch[1] = 0; | |
432 ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER); | |
433 ERR_add_error_data(2, "Char=", erch); | |
434 return 0; | |
435 break; | |
436 | |
437 } | |
438 } | |
439 else | |
440 *pclass = V_ASN1_CONTEXT_SPECIFIC; | |
441 | |
442 return 1; | |
443 | |
444 } | |
445 | |
446 /* Handle multiple types: SET and SEQUENCE */ | |
447 | |
448 static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf) | |
449 { | |
450 ASN1_TYPE *ret = NULL; | |
451 STACK_OF(ASN1_TYPE) *sk = NULL; | |
452 STACK_OF(CONF_VALUE) *sect = NULL; | |
453 unsigned char *der = NULL; | |
454 int derlen; | |
455 int i; | |
456 sk = sk_ASN1_TYPE_new_null(); | |
457 if (!sk) | |
458 goto bad; | |
459 if (section) | |
460 { | |
461 if (!cnf) | |
462 goto bad; | |
463 sect = X509V3_get_section(cnf, (char *)section); | |
464 if (!sect) | |
465 goto bad; | |
466 for (i = 0; i < sk_CONF_VALUE_num(sect); i++) | |
467 { | |
468 ASN1_TYPE *typ = ASN1_generate_v3(sk_CONF_VALUE_value(se
ct, i)->value, cnf); | |
469 if (!typ) | |
470 goto bad; | |
471 if (!sk_ASN1_TYPE_push(sk, typ)) | |
472 goto bad; | |
473 } | |
474 } | |
475 | |
476 /* Now we has a STACK of the components, convert to the correct form */ | |
477 | |
478 if (utype == V_ASN1_SET) | |
479 derlen = i2d_ASN1_SET_ANY(sk, &der); | |
480 else | |
481 derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der); | |
482 | |
483 if (derlen < 0) | |
484 goto bad; | |
485 | |
486 if (!(ret = ASN1_TYPE_new())) | |
487 goto bad; | |
488 | |
489 if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype))) | |
490 goto bad; | |
491 | |
492 ret->type = utype; | |
493 | |
494 ret->value.asn1_string->data = der; | |
495 ret->value.asn1_string->length = derlen; | |
496 | |
497 der = NULL; | |
498 | |
499 bad: | |
500 | |
501 if (der) | |
502 OPENSSL_free(der); | |
503 | |
504 if (sk) | |
505 sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free); | |
506 if (sect) | |
507 X509V3_section_free(cnf, sect); | |
508 | |
509 return ret; | |
510 } | |
511 | |
512 static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons
tructed, int exp_pad, int imp_ok) | |
513 { | |
514 tag_exp_type *exp_tmp; | |
515 /* Can only have IMPLICIT if permitted */ | |
516 if ((arg->imp_tag != -1) && !imp_ok) | |
517 { | |
518 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG); | |
519 return 0; | |
520 } | |
521 | |
522 if (arg->exp_count == ASN1_FLAG_EXP_MAX) | |
523 { | |
524 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED); | |
525 return 0; | |
526 } | |
527 | |
528 exp_tmp = &arg->exp_list[arg->exp_count++]; | |
529 | |
530 /* If IMPLICIT set tag to implicit value then | |
531 * reset implicit tag since it has been used. | |
532 */ | |
533 if (arg->imp_tag != -1) | |
534 { | |
535 exp_tmp->exp_tag = arg->imp_tag; | |
536 exp_tmp->exp_class = arg->imp_class; | |
537 arg->imp_tag = -1; | |
538 arg->imp_class = -1; | |
539 } | |
540 else | |
541 { | |
542 exp_tmp->exp_tag = exp_tag; | |
543 exp_tmp->exp_class = exp_class; | |
544 } | |
545 exp_tmp->exp_constructed = exp_constructed; | |
546 exp_tmp->exp_pad = exp_pad; | |
547 | |
548 return 1; | |
549 } | |
550 | |
551 | |
552 static int asn1_str2tag(const char *tagstr, int len) | |
553 { | |
554 unsigned int i; | |
555 static const struct tag_name_st *tntmp, tnst [] = { | |
556 ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN), | |
557 ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN), | |
558 ASN1_GEN_STR("NULL", V_ASN1_NULL), | |
559 ASN1_GEN_STR("INT", V_ASN1_INTEGER), | |
560 ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER), | |
561 ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED), | |
562 ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED), | |
563 ASN1_GEN_STR("OID", V_ASN1_OBJECT), | |
564 ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT), | |
565 ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME), | |
566 ASN1_GEN_STR("UTC", V_ASN1_UTCTIME), | |
567 ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME), | |
568 ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME), | |
569 ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING), | |
570 ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING), | |
571 ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING), | |
572 ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING), | |
573 ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING), | |
574 ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING), | |
575 ASN1_GEN_STR("IA5", V_ASN1_IA5STRING), | |
576 ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING), | |
577 ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING), | |
578 ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING), | |
579 ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING), | |
580 ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING), | |
581 ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING), | |
582 ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING), | |
583 ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING), | |
584 ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING), | |
585 ASN1_GEN_STR("T61", V_ASN1_T61STRING), | |
586 ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING), | |
587 ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING), | |
588 ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING), | |
589 ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING), | |
590 ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING), | |
591 ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING), | |
592 | |
593 /* Special cases */ | |
594 ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE), | |
595 ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE), | |
596 ASN1_GEN_STR("SET", V_ASN1_SET), | |
597 /* type modifiers */ | |
598 /* Explicit tag */ | |
599 ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP), | |
600 ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP), | |
601 /* Implicit tag */ | |
602 ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP), | |
603 ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP), | |
604 /* OCTET STRING wrapper */ | |
605 ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP), | |
606 /* SEQUENCE wrapper */ | |
607 ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP), | |
608 /* SET wrapper */ | |
609 ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP), | |
610 /* BIT STRING wrapper */ | |
611 ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP), | |
612 ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT), | |
613 ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT), | |
614 }; | |
615 | |
616 if (len == -1) | |
617 len = strlen(tagstr); | |
618 | |
619 tntmp = tnst; | |
620 for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) | |
621 { | |
622 if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len)) | |
623 return tntmp->tag; | |
624 } | |
625 | |
626 return -1; | |
627 } | |
628 | |
629 static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) | |
630 { | |
631 ASN1_TYPE *atmp = NULL; | |
632 | |
633 CONF_VALUE vtmp; | |
634 | |
635 unsigned char *rdata; | |
636 long rdlen; | |
637 | |
638 int no_unused = 1; | |
639 | |
640 if (!(atmp = ASN1_TYPE_new())) | |
641 { | |
642 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); | |
643 return NULL; | |
644 } | |
645 | |
646 if (!str) | |
647 str = ""; | |
648 | |
649 switch(utype) | |
650 { | |
651 | |
652 case V_ASN1_NULL: | |
653 if (str && *str) | |
654 { | |
655 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE)
; | |
656 goto bad_form; | |
657 } | |
658 break; | |
659 | |
660 case V_ASN1_BOOLEAN: | |
661 if (format != ASN1_GEN_FORMAT_ASCII) | |
662 { | |
663 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT); | |
664 goto bad_form; | |
665 } | |
666 vtmp.name = NULL; | |
667 vtmp.section = NULL; | |
668 vtmp.value = (char *)str; | |
669 if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) | |
670 { | |
671 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN); | |
672 goto bad_str; | |
673 } | |
674 break; | |
675 | |
676 case V_ASN1_INTEGER: | |
677 case V_ASN1_ENUMERATED: | |
678 if (format != ASN1_GEN_FORMAT_ASCII) | |
679 { | |
680 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_F
ORMAT); | |
681 goto bad_form; | |
682 } | |
683 if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))
) | |
684 { | |
685 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER); | |
686 goto bad_str; | |
687 } | |
688 break; | |
689 | |
690 case V_ASN1_OBJECT: | |
691 if (format != ASN1_GEN_FORMAT_ASCII) | |
692 { | |
693 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FO
RMAT); | |
694 goto bad_form; | |
695 } | |
696 if (!(atmp->value.object = OBJ_txt2obj(str, 0))) | |
697 { | |
698 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT); | |
699 goto bad_str; | |
700 } | |
701 break; | |
702 | |
703 case V_ASN1_UTCTIME: | |
704 case V_ASN1_GENERALIZEDTIME: | |
705 if (format != ASN1_GEN_FORMAT_ASCII) | |
706 { | |
707 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORM
AT); | |
708 goto bad_form; | |
709 } | |
710 if (!(atmp->value.asn1_string = ASN1_STRING_new())) | |
711 { | |
712 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); | |
713 goto bad_str; | |
714 } | |
715 if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) | |
716 { | |
717 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); | |
718 goto bad_str; | |
719 } | |
720 atmp->value.asn1_string->type = utype; | |
721 if (!ASN1_TIME_check(atmp->value.asn1_string)) | |
722 { | |
723 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE)
; | |
724 goto bad_str; | |
725 } | |
726 | |
727 break; | |
728 | |
729 case V_ASN1_BMPSTRING: | |
730 case V_ASN1_PRINTABLESTRING: | |
731 case V_ASN1_IA5STRING: | |
732 case V_ASN1_T61STRING: | |
733 case V_ASN1_UTF8STRING: | |
734 case V_ASN1_VISIBLESTRING: | |
735 case V_ASN1_UNIVERSALSTRING: | |
736 case V_ASN1_GENERALSTRING: | |
737 case V_ASN1_NUMERICSTRING: | |
738 | |
739 if (format == ASN1_GEN_FORMAT_ASCII) | |
740 format = MBSTRING_ASC; | |
741 else if (format == ASN1_GEN_FORMAT_UTF8) | |
742 format = MBSTRING_UTF8; | |
743 else | |
744 { | |
745 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT); | |
746 goto bad_form; | |
747 } | |
748 | |
749 | |
750 if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char
*)str, | |
751 -1, format, ASN1_tag2bit(utype))
<= 0) | |
752 { | |
753 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); | |
754 goto bad_str; | |
755 } | |
756 | |
757 | |
758 break; | |
759 | |
760 case V_ASN1_BIT_STRING: | |
761 | |
762 case V_ASN1_OCTET_STRING: | |
763 | |
764 if (!(atmp->value.asn1_string = ASN1_STRING_new())) | |
765 { | |
766 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); | |
767 goto bad_form; | |
768 } | |
769 | |
770 if (format == ASN1_GEN_FORMAT_HEX) | |
771 { | |
772 | |
773 if (!(rdata = string_to_hex((char *)str, &rdlen))) | |
774 { | |
775 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX
); | |
776 goto bad_str; | |
777 } | |
778 | |
779 atmp->value.asn1_string->data = rdata; | |
780 atmp->value.asn1_string->length = rdlen; | |
781 atmp->value.asn1_string->type = utype; | |
782 | |
783 } | |
784 else if (format == ASN1_GEN_FORMAT_ASCII) | |
785 ASN1_STRING_set(atmp->value.asn1_string, str, -1); | |
786 else if ((format == ASN1_GEN_FORMAT_BITLIST) && (utype == V_ASN1
_BIT_STRING)) | |
787 { | |
788 if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value
.bit_string)) | |
789 { | |
790 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR)
; | |
791 goto bad_str; | |
792 } | |
793 no_unused = 0; | |
794 | |
795 } | |
796 else | |
797 { | |
798 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_F
ORMAT); | |
799 goto bad_form; | |
800 } | |
801 | |
802 if ((utype == V_ASN1_BIT_STRING) && no_unused) | |
803 { | |
804 atmp->value.asn1_string->flags | |
805 &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); | |
806 atmp->value.asn1_string->flags | |
807 |= ASN1_STRING_FLAG_BITS_LEFT; | |
808 } | |
809 | |
810 | |
811 break; | |
812 | |
813 default: | |
814 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE); | |
815 goto bad_str; | |
816 break; | |
817 } | |
818 | |
819 | |
820 atmp->type = utype; | |
821 return atmp; | |
822 | |
823 | |
824 bad_str: | |
825 ERR_add_error_data(2, "string=", str); | |
826 bad_form: | |
827 | |
828 ASN1_TYPE_free(atmp); | |
829 return NULL; | |
830 | |
831 } | |
832 | |
833 static int bitstr_cb(const char *elem, int len, void *bitstr) | |
834 { | |
835 long bitnum; | |
836 char *eptr; | |
837 if (!elem) | |
838 return 0; | |
839 bitnum = strtoul(elem, &eptr, 10); | |
840 if (eptr && *eptr && (eptr != elem + len)) | |
841 return 0; | |
842 if (bitnum < 0) | |
843 { | |
844 ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER); | |
845 return 0; | |
846 } | |
847 if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) | |
848 { | |
849 ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE); | |
850 return 0; | |
851 } | |
852 return 1; | |
853 } | |
854 | |
OLD | NEW |