1 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay (at) cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay (at) cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] */ 56 57 #include <openssl/asn1.h> 58 59 #include <limits.h> 60 #include <string.h> 61 62 #include <openssl/err.h> 63 #include <openssl/mem.h> 64 #include <openssl/obj.h> 65 66 #include "../internal.h" 67 68 69 int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) 70 { 71 unsigned char *p; 72 int objsize; 73 74 if ((a == NULL) || (a->data == NULL)) 75 return (0); 76 77 objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT); 78 if (pp == NULL || objsize == -1) 79 return objsize; 80 81 p = *pp; 82 ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL); 83 OPENSSL_memcpy(p, a->data, a->length); 84 p += a->length; 85 86 *pp = p; 87 return (objsize); 88 } 89 90 int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) 91 { 92 int i, first, len = 0, c, use_bn; 93 char ftmp[24], *tmp = ftmp; 94 int tmpsize = sizeof ftmp; 95 const char *p; 96 unsigned long l; 97 BIGNUM *bl = NULL; 98 99 if (num == 0) 100 return (0); 101 else if (num == -1) 102 num = strlen(buf); 103 104 p = buf; 105 c = *(p++); 106 num--; 107 if ((c >= '0') && (c <= '2')) { 108 first = c - '0'; 109 } else { 110 OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIRST_NUM_TOO_LARGE); 111 goto err; 112 } 113 114 if (num <= 0) { 115 OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_SECOND_NUMBER); 116 goto err; 117 } 118 c = *(p++); 119 num--; 120 for (;;) { 121 if (num <= 0) 122 break; 123 if ((c != '.') && (c != ' ')) { 124 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_SEPARATOR); 125 goto err; 126 } 127 l = 0; 128 use_bn = 0; 129 for (;;) { 130 if (num <= 0) 131 break; 132 num--; 133 c = *(p++); 134 if ((c == ' ') || (c == '.')) 135 break; 136 if ((c < '0') || (c > '9')) { 137 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_DIGIT); 138 goto err; 139 } 140 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) { 141 use_bn = 1; 142 if (!bl) 143 bl = BN_new(); 144 if (!bl || !BN_set_word(bl, l)) 145 goto err; 146 } 147 if (use_bn) { 148 if (!BN_mul_word(bl, 10L) 149 || !BN_add_word(bl, c - '0')) 150 goto err; 151 } else 152 l = l * 10L + (long)(c - '0'); 153 } 154 if (len == 0) { 155 if ((first < 2) && (l >= 40)) { 156 OPENSSL_PUT_ERROR(ASN1, ASN1_R_SECOND_NUMBER_TOO_LARGE); 157 goto err; 158 } 159 if (use_bn) { 160 if (!BN_add_word(bl, first * 40)) 161 goto err; 162 } else 163 l += (long)first *40; 164 } 165 i = 0; 166 if (use_bn) { 167 int blsize; 168 blsize = BN_num_bits(bl); 169 blsize = (blsize + 6) / 7; 170 if (blsize > tmpsize) { 171 if (tmp != ftmp) 172 OPENSSL_free(tmp); 173 tmpsize = blsize + 32; 174 tmp = OPENSSL_malloc(tmpsize); 175 if (!tmp) 176 goto err; 177 } 178 while (blsize--) { 179 BN_ULONG t = BN_div_word(bl, 0x80L); 180 if (t == (BN_ULONG)-1) 181 goto err; 182 tmp[i++] = (unsigned char)t; 183 } 184 } else { 185 186 for (;;) { 187 tmp[i++] = (unsigned char)l & 0x7f; 188 l >>= 7L; 189 if (l == 0L) 190 break; 191 } 192 193 } 194 if (out != NULL) { 195 if (len + i > olen) { 196 OPENSSL_PUT_ERROR(ASN1, ASN1_R_BUFFER_TOO_SMALL); 197 goto err; 198 } 199 while (--i > 0) 200 out[len++] = tmp[i] | 0x80; 201 out[len++] = tmp[0]; 202 } else 203 len += i; 204 } 205 if (tmp != ftmp) 206 OPENSSL_free(tmp); 207 if (bl) 208 BN_free(bl); 209 return (len); 210 err: 211 if (tmp != ftmp) 212 OPENSSL_free(tmp); 213 if (bl) 214 BN_free(bl); 215 return (0); 216 } 217 218 int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a) 219 { 220 return OBJ_obj2txt(buf, buf_len, a, 0); 221 } 222 223 int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) 224 { 225 char buf[80], *p = buf; 226 int i; 227 228 if ((a == NULL) || (a->data == NULL)) 229 return (BIO_write(bp, "NULL", 4)); 230 i = i2t_ASN1_OBJECT(buf, sizeof buf, a); 231 if (i > (int)(sizeof(buf) - 1)) { 232 p = OPENSSL_malloc(i + 1); 233 if (!p) 234 return -1; 235 i2t_ASN1_OBJECT(p, i + 1, a); 236 } 237 if (i <= 0) 238 return BIO_write(bp, "<INVALID>", 9); 239 BIO_write(bp, p, i); 240 if (p != buf) 241 OPENSSL_free(p); 242 return (i); 243 } 244 245 ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, 246 long length) 247 { 248 const unsigned char *p; 249 long len; 250 int tag, xclass; 251 int inf, i; 252 ASN1_OBJECT *ret = NULL; 253 p = *pp; 254 inf = ASN1_get_object(&p, &len, &tag, &xclass, length); 255 if (inf & 0x80) { 256 i = ASN1_R_BAD_OBJECT_HEADER; 257 goto err; 258 } 259 260 if (tag != V_ASN1_OBJECT) { 261 i = ASN1_R_EXPECTING_AN_OBJECT; 262 goto err; 263 } 264 ret = c2i_ASN1_OBJECT(a, &p, len); 265 if (ret) 266 *pp = p; 267 return ret; 268 err: 269 OPENSSL_PUT_ERROR(ASN1, i); 270 return (NULL); 271 } 272 273 ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, 274 long len) 275 { 276 ASN1_OBJECT *ret = NULL; 277 const unsigned char *p; 278 unsigned char *data; 279 int i, length; 280 281 /* 282 * Sanity check OID encoding. Need at least one content octet. MSB must 283 * be clear in the last octet. can't have leading 0x80 in subidentifiers, 284 * see: X.690 8.19.2 285 */ 286 if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || 287 p[len - 1] & 0x80) { 288 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING); 289 return NULL; 290 } 291 /* Now 0 < len <= INT_MAX, so the cast is safe. */ 292 length = (int)len; 293 for (i = 0; i < length; i++, p++) { 294 if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { 295 OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_OBJECT_ENCODING); 296 return NULL; 297 } 298 } 299 300 /* 301 * only the ASN1_OBJECTs from the 'table' will have values for ->sn or 302 * ->ln 303 */ 304 if ((a == NULL) || ((*a) == NULL) || 305 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) { 306 if ((ret = ASN1_OBJECT_new()) == NULL) 307 return (NULL); 308 } else 309 ret = (*a); 310 311 p = *pp; 312 /* detach data from object */ 313 data = (unsigned char *)ret->data; 314 ret->data = NULL; 315 /* once detached we can change it */ 316 if ((data == NULL) || (ret->length < length)) { 317 ret->length = 0; 318 if (data != NULL) 319 OPENSSL_free(data); 320 data = (unsigned char *)OPENSSL_malloc(length); 321 if (data == NULL) { 322 i = ERR_R_MALLOC_FAILURE; 323 goto err; 324 } 325 ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA; 326 } 327 OPENSSL_memcpy(data, p, length); 328 /* reattach data to object, after which it remains const */ 329 ret->data = data; 330 ret->length = length; 331 ret->sn = NULL; 332 ret->ln = NULL; 333 /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */ 334 p += length; 335 336 if (a != NULL) 337 (*a) = ret; 338 *pp = p; 339 return (ret); 340 err: 341 OPENSSL_PUT_ERROR(ASN1, i); 342 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 343 ASN1_OBJECT_free(ret); 344 return (NULL); 345 } 346 347 ASN1_OBJECT *ASN1_OBJECT_new(void) 348 { 349 ASN1_OBJECT *ret; 350 351 ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); 352 if (ret == NULL) { 353 OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); 354 return (NULL); 355 } 356 ret->length = 0; 357 ret->data = NULL; 358 ret->nid = 0; 359 ret->sn = NULL; 360 ret->ln = NULL; 361 ret->flags = ASN1_OBJECT_FLAG_DYNAMIC; 362 return (ret); 363 } 364 365 void ASN1_OBJECT_free(ASN1_OBJECT *a) 366 { 367 if (a == NULL) 368 return; 369 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) { 370 #ifndef CONST_STRICT /* disable purely for compile-time strict 371 * const checking. Doing this on a "real" 372 * compile will cause memory leaks */ 373 if (a->sn != NULL) 374 OPENSSL_free((void *)a->sn); 375 if (a->ln != NULL) 376 OPENSSL_free((void *)a->ln); 377 #endif 378 a->sn = a->ln = NULL; 379 } 380 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { 381 if (a->data != NULL) 382 OPENSSL_free((void *)a->data); 383 a->data = NULL; 384 a->length = 0; 385 } 386 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) 387 OPENSSL_free(a); 388 } 389 390 ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, 391 const char *sn, const char *ln) 392 { 393 ASN1_OBJECT o; 394 395 o.sn = sn; 396 o.ln = ln; 397 o.data = data; 398 o.nid = nid; 399 o.length = len; 400 o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | 401 ASN1_OBJECT_FLAG_DYNAMIC_DATA; 402 return (OBJ_dup(&o)); 403 } 404