1 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay (at) cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay (at) cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] */ 56 57 #include <openssl/asn1.h> 58 59 #include <string.h> 60 61 #include <openssl/err.h> 62 #include <openssl/mem.h> 63 64 65 static int traverse_string(const unsigned char *p, int len, int inform, 66 int (*rfunc)(unsigned long value, void *in), void *arg); 67 static int in_utf8(unsigned long value, void *arg); 68 static int out_utf8(unsigned long value, void *arg); 69 static int type_str(unsigned long value, void *arg); 70 static int cpy_asc(unsigned long value, void *arg); 71 static int cpy_bmp(unsigned long value, void *arg); 72 static int cpy_univ(unsigned long value, void *arg); 73 static int cpy_utf8(unsigned long value, void *arg); 74 static int is_printable(unsigned long value); 75 76 /* These functions take a string in UTF8, ASCII or multibyte form and 77 * a mask of permissible ASN1 string types. It then works out the minimal 78 * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) 79 * and creates a string of the correct type with the supplied data. 80 * Yes this is horrible: it has to be :-( 81 * The 'ncopy' form checks minimum and maximum size limits too. 82 */ 83 84 int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, 85 int inform, unsigned long mask) 86 { 87 return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0); 88 } 89 90 int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, 91 int inform, unsigned long mask, 92 long minsize, long maxsize) 93 { 94 int str_type; 95 int ret; 96 char free_out; 97 int outform, outlen = 0; 98 ASN1_STRING *dest; 99 unsigned char *p; 100 int nchar; 101 char strbuf[32]; 102 int (*cpyfunc)(unsigned long,void *) = NULL; 103 if(len == -1) len = strlen((const char *)in); 104 if(!mask) mask = DIRSTRING_TYPE; 105 106 /* First do a string check and work out the number of characters */ 107 switch(inform) { 108 109 case MBSTRING_BMP: 110 if(len & 1) { 111 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH); 112 return -1; 113 } 114 nchar = len >> 1; 115 break; 116 117 case MBSTRING_UNIV: 118 if(len & 3) { 119 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); 120 return -1; 121 } 122 nchar = len >> 2; 123 break; 124 125 case MBSTRING_UTF8: 126 nchar = 0; 127 /* This counts the characters and does utf8 syntax checking */ 128 ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); 129 if(ret < 0) { 130 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_UTF8STRING); 131 return -1; 132 } 133 break; 134 135 case MBSTRING_ASC: 136 nchar = len; 137 break; 138 139 default: 140 OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); 141 return -1; 142 } 143 144 if((minsize > 0) && (nchar < minsize)) { 145 OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); 146 BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); 147 ERR_add_error_data(2, "minsize=", strbuf); 148 return -1; 149 } 150 151 if((maxsize > 0) && (nchar > maxsize)) { 152 OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG); 153 BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); 154 ERR_add_error_data(2, "maxsize=", strbuf); 155 return -1; 156 } 157 158 /* Now work out minimal type (if any) */ 159 if(traverse_string(in, len, inform, type_str, &mask) < 0) { 160 OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_CHARACTERS); 161 return -1; 162 } 163 164 165 /* Now work out output format and string type */ 166 outform = MBSTRING_ASC; 167 if(mask & B_ASN1_PRINTABLESTRING) str_type = V_ASN1_PRINTABLESTRING; 168 else if(mask & B_ASN1_IA5STRING) str_type = V_ASN1_IA5STRING; 169 else if(mask & B_ASN1_T61STRING) str_type = V_ASN1_T61STRING; 170 else if(mask & B_ASN1_BMPSTRING) { 171 str_type = V_ASN1_BMPSTRING; 172 outform = MBSTRING_BMP; 173 } else if(mask & B_ASN1_UNIVERSALSTRING) { 174 str_type = V_ASN1_UNIVERSALSTRING; 175 outform = MBSTRING_UNIV; 176 } else { 177 str_type = V_ASN1_UTF8STRING; 178 outform = MBSTRING_UTF8; 179 } 180 if(!out) return str_type; 181 if(*out) { 182 free_out = 0; 183 dest = *out; 184 if(dest->data) { 185 dest->length = 0; 186 OPENSSL_free(dest->data); 187 dest->data = NULL; 188 } 189 dest->type = str_type; 190 } else { 191 free_out = 1; 192 dest = ASN1_STRING_type_new(str_type); 193 if(!dest) { 194 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); 195 return -1; 196 } 197 *out = dest; 198 } 199 /* If both the same type just copy across */ 200 if(inform == outform) { 201 if(!ASN1_STRING_set(dest, in, len)) { 202 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); 203 return -1; 204 } 205 return str_type; 206 } 207 208 /* Work out how much space the destination will need */ 209 switch(outform) { 210 case MBSTRING_ASC: 211 outlen = nchar; 212 cpyfunc = cpy_asc; 213 break; 214 215 case MBSTRING_BMP: 216 outlen = nchar << 1; 217 cpyfunc = cpy_bmp; 218 break; 219 220 case MBSTRING_UNIV: 221 outlen = nchar << 2; 222 cpyfunc = cpy_univ; 223 break; 224 225 case MBSTRING_UTF8: 226 outlen = 0; 227 traverse_string(in, len, inform, out_utf8, &outlen); 228 cpyfunc = cpy_utf8; 229 break; 230 } 231 if(!(p = OPENSSL_malloc(outlen + 1))) { 232 if(free_out) ASN1_STRING_free(dest); 233 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); 234 return -1; 235 } 236 dest->length = outlen; 237 dest->data = p; 238 p[outlen] = 0; 239 traverse_string(in, len, inform, cpyfunc, &p); 240 return str_type; 241 } 242 243 /* This function traverses a string and passes the value of each character 244 * to an optional function along with a void * argument. 245 */ 246 247 static int traverse_string(const unsigned char *p, int len, int inform, 248 int (*rfunc)(unsigned long value, void *in), void *arg) 249 { 250 unsigned long value; 251 int ret; 252 while(len) { 253 if(inform == MBSTRING_ASC) { 254 value = *p++; 255 len--; 256 } else if(inform == MBSTRING_BMP) { 257 value = *p++ << 8; 258 value |= *p++; 259 len -= 2; 260 } else if(inform == MBSTRING_UNIV) { 261 value = ((unsigned long)*p++) << 24; 262 value |= ((unsigned long)*p++) << 16; 263 value |= *p++ << 8; 264 value |= *p++; 265 len -= 4; 266 } else { 267 ret = UTF8_getc(p, len, &value); 268 if(ret < 0) return -1; 269 len -= ret; 270 p += ret; 271 } 272 if(rfunc) { 273 ret = rfunc(value, arg); 274 if(ret <= 0) return ret; 275 } 276 } 277 return 1; 278 } 279 280 /* Various utility functions for traverse_string */ 281 282 /* Just count number of characters */ 283 284 static int in_utf8(unsigned long value, void *arg) 285 { 286 int *nchar; 287 nchar = arg; 288 (*nchar)++; 289 return 1; 290 } 291 292 /* Determine size of output as a UTF8 String */ 293 294 static int out_utf8(unsigned long value, void *arg) 295 { 296 int *outlen; 297 outlen = arg; 298 *outlen += UTF8_putc(NULL, -1, value); 299 return 1; 300 } 301 302 /* Determine the "type" of a string: check each character against a 303 * supplied "mask". 304 */ 305 306 static int type_str(unsigned long value, void *arg) 307 { 308 unsigned long types; 309 types = *((unsigned long *)arg); 310 if((types & B_ASN1_PRINTABLESTRING) && !is_printable(value)) 311 types &= ~B_ASN1_PRINTABLESTRING; 312 if((types & B_ASN1_IA5STRING) && (value > 127)) 313 types &= ~B_ASN1_IA5STRING; 314 if((types & B_ASN1_T61STRING) && (value > 0xff)) 315 types &= ~B_ASN1_T61STRING; 316 if((types & B_ASN1_BMPSTRING) && (value > 0xffff)) 317 types &= ~B_ASN1_BMPSTRING; 318 if(!types) return -1; 319 *((unsigned long *)arg) = types; 320 return 1; 321 } 322 323 /* Copy one byte per character ASCII like strings */ 324 325 static int cpy_asc(unsigned long value, void *arg) 326 { 327 unsigned char **p, *q; 328 p = arg; 329 q = *p; 330 *q = (unsigned char) value; 331 (*p)++; 332 return 1; 333 } 334 335 /* Copy two byte per character BMPStrings */ 336 337 static int cpy_bmp(unsigned long value, void *arg) 338 { 339 unsigned char **p, *q; 340 p = arg; 341 q = *p; 342 *q++ = (unsigned char) ((value >> 8) & 0xff); 343 *q = (unsigned char) (value & 0xff); 344 *p += 2; 345 return 1; 346 } 347 348 /* Copy four byte per character UniversalStrings */ 349 350 static int cpy_univ(unsigned long value, void *arg) 351 { 352 unsigned char **p, *q; 353 p = arg; 354 q = *p; 355 *q++ = (unsigned char) ((value >> 24) & 0xff); 356 *q++ = (unsigned char) ((value >> 16) & 0xff); 357 *q++ = (unsigned char) ((value >> 8) & 0xff); 358 *q = (unsigned char) (value & 0xff); 359 *p += 4; 360 return 1; 361 } 362 363 /* Copy to a UTF8String */ 364 365 static int cpy_utf8(unsigned long value, void *arg) 366 { 367 unsigned char **p; 368 int ret; 369 p = arg; 370 /* We already know there is enough room so pass 0xff as the length */ 371 ret = UTF8_putc(*p, 0xff, value); 372 *p += ret; 373 return 1; 374 } 375 376 /* Return 1 if the character is permitted in a PrintableString */ 377 static int is_printable(unsigned long value) 378 { 379 int ch; 380 if(value > 0x7f) return 0; 381 ch = (int) value; 382 /* Note: we can't use 'isalnum' because certain accented 383 * characters may count as alphanumeric in some environments. 384 */ 385 if((ch >= 'a') && (ch <= 'z')) return 1; 386 if((ch >= 'A') && (ch <= 'Z')) return 1; 387 if((ch >= '0') && (ch <= '9')) return 1; 388 if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1; 389 return 0; 390 } 391
