Line data Source code
1 : /* asn1_gen.c */
2 : /*
3 : * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
4 : * 2002.
5 : */
6 : /* ====================================================================
7 : * Copyright (c) 2002 The OpenSSL Project. All rights reserved.
8 : *
9 : * Redistribution and use in source and binary forms, with or without
10 : * modification, are permitted provided that the following conditions
11 : * are met:
12 : *
13 : * 1. Redistributions of source code must retain the above copyright
14 : * notice, this list of conditions and the following disclaimer.
15 : *
16 : * 2. Redistributions in binary form must reproduce the above copyright
17 : * notice, this list of conditions and the following disclaimer in
18 : * the documentation and/or other materials provided with the
19 : * distribution.
20 : *
21 : * 3. All advertising materials mentioning features or use of this
22 : * software must display the following acknowledgment:
23 : * "This product includes software developed by the OpenSSL Project
24 : * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 : *
26 : * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 : * endorse or promote products derived from this software without
28 : * prior written permission. For written permission, please contact
29 : * licensing@OpenSSL.org.
30 : *
31 : * 5. Products derived from this software may not be called "OpenSSL"
32 : * nor may "OpenSSL" appear in their names without prior written
33 : * permission of the OpenSSL Project.
34 : *
35 : * 6. Redistributions of any form whatsoever must retain the following
36 : * acknowledgment:
37 : * "This product includes software developed by the OpenSSL Project
38 : * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 : *
40 : * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 : * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 : * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 : * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 : * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 : * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 : * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 : * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 : * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 : * OF THE POSSIBILITY OF SUCH DAMAGE.
52 : * ====================================================================
53 : *
54 : * This product includes cryptographic software written by Eric Young
55 : * (eay@cryptsoft.com). This product includes software written by Tim
56 : * Hudson (tjh@cryptsoft.com).
57 : *
58 : */
59 :
60 : #include "cryptlib.h"
61 : #include <openssl/asn1.h>
62 : #include <openssl/x509v3.h>
63 :
64 : #define ASN1_GEN_FLAG 0x10000
65 : #define ASN1_GEN_FLAG_IMP (ASN1_GEN_FLAG|1)
66 : #define ASN1_GEN_FLAG_EXP (ASN1_GEN_FLAG|2)
67 : #define ASN1_GEN_FLAG_TAG (ASN1_GEN_FLAG|3)
68 : #define ASN1_GEN_FLAG_BITWRAP (ASN1_GEN_FLAG|4)
69 : #define ASN1_GEN_FLAG_OCTWRAP (ASN1_GEN_FLAG|5)
70 : #define ASN1_GEN_FLAG_SEQWRAP (ASN1_GEN_FLAG|6)
71 : #define ASN1_GEN_FLAG_SETWRAP (ASN1_GEN_FLAG|7)
72 : #define ASN1_GEN_FLAG_FORMAT (ASN1_GEN_FLAG|8)
73 :
74 : #define ASN1_GEN_STR(str,val) {str, sizeof(str) - 1, val}
75 :
76 : #define ASN1_FLAG_EXP_MAX 20
77 : /* Maximum number of nested sequences */
78 : #define ASN1_GEN_SEQ_MAX_DEPTH 50
79 :
80 : /* Input formats */
81 :
82 : /* ASCII: default */
83 : #define ASN1_GEN_FORMAT_ASCII 1
84 : /* UTF8 */
85 : #define ASN1_GEN_FORMAT_UTF8 2
86 : /* Hex */
87 : #define ASN1_GEN_FORMAT_HEX 3
88 : /* List of bits */
89 : #define ASN1_GEN_FORMAT_BITLIST 4
90 :
91 : struct tag_name_st {
92 : const char *strnam;
93 : int len;
94 : int tag;
95 : };
96 :
97 : typedef struct {
98 : int exp_tag;
99 : int exp_class;
100 : int exp_constructed;
101 : int exp_pad;
102 : long exp_len;
103 : } tag_exp_type;
104 :
105 : typedef struct {
106 : int imp_tag;
107 : int imp_class;
108 : int utype;
109 : int format;
110 : const char *str;
111 : tag_exp_type exp_list[ASN1_FLAG_EXP_MAX];
112 : int exp_count;
113 : } tag_exp_arg;
114 :
115 : static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
116 : int *perr);
117 : static int bitstr_cb(const char *elem, int len, void *bitstr);
118 : static int asn1_cb(const char *elem, int len, void *bitstr);
119 : static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
120 : int exp_constructed, int exp_pad, int imp_ok);
121 : static int parse_tagging(const char *vstart, int vlen, int *ptag,
122 : int *pclass);
123 : static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
124 : int depth, int *perr);
125 : static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);
126 : static int asn1_str2tag(const char *tagstr, int len);
127 :
128 0 : ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf)
129 : {
130 : X509V3_CTX cnf;
131 :
132 0 : if (!nconf)
133 0 : return ASN1_generate_v3(str, NULL);
134 :
135 0 : X509V3_set_nconf(&cnf, nconf);
136 0 : return ASN1_generate_v3(str, &cnf);
137 : }
138 :
139 0 : ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
140 : {
141 0 : int err = 0;
142 0 : ASN1_TYPE *ret = generate_v3(str, cnf, 0, &err);
143 0 : if (err)
144 0 : ASN1err(ASN1_F_ASN1_GENERATE_V3, err);
145 0 : return ret;
146 : }
147 :
148 0 : static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
149 : int *perr)
150 : {
151 : ASN1_TYPE *ret;
152 : tag_exp_arg asn1_tags;
153 : tag_exp_type *etmp;
154 :
155 : int i, len;
156 :
157 0 : unsigned char *orig_der = NULL, *new_der = NULL;
158 : const unsigned char *cpy_start;
159 : unsigned char *p;
160 : const unsigned char *cp;
161 : int cpy_len;
162 : long hdr_len;
163 : int hdr_constructed = 0, hdr_tag, hdr_class;
164 : int r;
165 :
166 0 : asn1_tags.imp_tag = -1;
167 0 : asn1_tags.imp_class = -1;
168 0 : asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
169 0 : asn1_tags.exp_count = 0;
170 0 : if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) {
171 0 : *perr = ASN1_R_UNKNOWN_TAG;
172 0 : return NULL;
173 : }
174 :
175 0 : if ((asn1_tags.utype == V_ASN1_SEQUENCE)
176 0 : || (asn1_tags.utype == V_ASN1_SET)) {
177 0 : if (!cnf) {
178 0 : *perr = ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG;
179 0 : return NULL;
180 : }
181 0 : if (depth >= ASN1_GEN_SEQ_MAX_DEPTH) {
182 0 : *perr = ASN1_R_ILLEGAL_NESTED_TAGGING;
183 0 : return NULL;
184 : }
185 0 : ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf, depth, perr);
186 : } else
187 0 : ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype);
188 :
189 0 : if (!ret)
190 : return NULL;
191 :
192 : /* If no tagging return base type */
193 0 : if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0))
194 : return ret;
195 :
196 : /* Generate the encoding */
197 0 : cpy_len = i2d_ASN1_TYPE(ret, &orig_der);
198 0 : ASN1_TYPE_free(ret);
199 : ret = NULL;
200 : /* Set point to start copying for modified encoding */
201 0 : cpy_start = orig_der;
202 :
203 : /* Do we need IMPLICIT tagging? */
204 0 : if (asn1_tags.imp_tag != -1) {
205 : /* If IMPLICIT we will replace the underlying tag */
206 : /* Skip existing tag+len */
207 0 : r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class,
208 : cpy_len);
209 0 : if (r & 0x80)
210 : goto err;
211 : /* Update copy length */
212 0 : cpy_len -= cpy_start - orig_der;
213 : /*
214 : * For IMPLICIT tagging the length should match the original length
215 : * and constructed flag should be consistent.
216 : */
217 0 : if (r & 0x1) {
218 : /* Indefinite length constructed */
219 : hdr_constructed = 2;
220 0 : hdr_len = 0;
221 : } else
222 : /* Just retain constructed flag */
223 0 : hdr_constructed = r & V_ASN1_CONSTRUCTED;
224 : /*
225 : * Work out new length with IMPLICIT tag: ignore constructed because
226 : * it will mess up if indefinite length
227 : */
228 0 : len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag);
229 : } else
230 : len = cpy_len;
231 :
232 : /* Work out length in any EXPLICIT, starting from end */
233 :
234 0 : for (i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1;
235 0 : i < asn1_tags.exp_count; i++, etmp--) {
236 : /* Content length: number of content octets + any padding */
237 0 : len += etmp->exp_pad;
238 0 : etmp->exp_len = len;
239 : /* Total object length: length including new header */
240 0 : len = ASN1_object_size(0, len, etmp->exp_tag);
241 : }
242 :
243 : /* Allocate buffer for new encoding */
244 :
245 0 : new_der = OPENSSL_malloc(len);
246 0 : if (!new_der)
247 : goto err;
248 :
249 : /* Generate tagged encoding */
250 :
251 0 : p = new_der;
252 :
253 : /* Output explicit tags first */
254 :
255 0 : for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count;
256 0 : i++, etmp++) {
257 0 : ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,
258 : etmp->exp_tag, etmp->exp_class);
259 0 : if (etmp->exp_pad)
260 0 : *p++ = 0;
261 : }
262 :
263 : /* If IMPLICIT, output tag */
264 :
265 0 : if (asn1_tags.imp_tag != -1) {
266 0 : if (asn1_tags.imp_class == V_ASN1_UNIVERSAL
267 0 : && (asn1_tags.imp_tag == V_ASN1_SEQUENCE
268 0 : || asn1_tags.imp_tag == V_ASN1_SET))
269 : hdr_constructed = V_ASN1_CONSTRUCTED;
270 0 : ASN1_put_object(&p, hdr_constructed, hdr_len,
271 : asn1_tags.imp_tag, asn1_tags.imp_class);
272 : }
273 :
274 : /* Copy across original encoding */
275 0 : memcpy(p, cpy_start, cpy_len);
276 :
277 0 : cp = new_der;
278 :
279 : /* Obtain new ASN1_TYPE structure */
280 0 : ret = d2i_ASN1_TYPE(NULL, &cp, len);
281 :
282 : err:
283 0 : if (orig_der)
284 0 : OPENSSL_free(orig_der);
285 0 : if (new_der)
286 0 : OPENSSL_free(new_der);
287 :
288 0 : return ret;
289 :
290 : }
291 :
292 0 : static int asn1_cb(const char *elem, int len, void *bitstr)
293 : {
294 : tag_exp_arg *arg = bitstr;
295 : int i;
296 : int utype;
297 : int vlen = 0;
298 : const char *p, *vstart = NULL;
299 :
300 : int tmp_tag, tmp_class;
301 :
302 0 : if (elem == NULL)
303 : return -1;
304 :
305 0 : for (i = 0, p = elem; i < len; p++, i++) {
306 : /* Look for the ':' in name value pairs */
307 0 : if (*p == ':') {
308 0 : vstart = p + 1;
309 0 : vlen = len - (vstart - elem);
310 0 : len = p - elem;
311 0 : break;
312 : }
313 : }
314 :
315 0 : utype = asn1_str2tag(elem, len);
316 :
317 0 : if (utype == -1) {
318 0 : ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG);
319 0 : ERR_add_error_data(2, "tag=", elem);
320 0 : return -1;
321 : }
322 :
323 : /* If this is not a modifier mark end of string and exit */
324 0 : if (!(utype & ASN1_GEN_FLAG)) {
325 0 : arg->utype = utype;
326 0 : arg->str = vstart;
327 : /* If no value and not end of string, error */
328 0 : if (!vstart && elem[len]) {
329 0 : ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE);
330 0 : return -1;
331 : }
332 : return 0;
333 : }
334 :
335 0 : switch (utype) {
336 :
337 : case ASN1_GEN_FLAG_IMP:
338 : /* Check for illegal multiple IMPLICIT tagging */
339 0 : if (arg->imp_tag != -1) {
340 0 : ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING);
341 0 : return -1;
342 : }
343 0 : if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class))
344 : return -1;
345 : break;
346 :
347 : case ASN1_GEN_FLAG_EXP:
348 :
349 0 : if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))
350 : return -1;
351 0 : if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0))
352 : return -1;
353 : break;
354 :
355 : case ASN1_GEN_FLAG_SEQWRAP:
356 0 : if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))
357 : return -1;
358 : break;
359 :
360 : case ASN1_GEN_FLAG_SETWRAP:
361 0 : if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))
362 : return -1;
363 : break;
364 :
365 : case ASN1_GEN_FLAG_BITWRAP:
366 0 : if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))
367 : return -1;
368 : break;
369 :
370 : case ASN1_GEN_FLAG_OCTWRAP:
371 0 : if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1))
372 : return -1;
373 : break;
374 :
375 : case ASN1_GEN_FLAG_FORMAT:
376 0 : if (!vstart) {
377 0 : ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_FORMAT);
378 0 : return -1;
379 : }
380 0 : if (!strncmp(vstart, "ASCII", 5))
381 0 : arg->format = ASN1_GEN_FORMAT_ASCII;
382 0 : else if (!strncmp(vstart, "UTF8", 4))
383 0 : arg->format = ASN1_GEN_FORMAT_UTF8;
384 0 : else if (!strncmp(vstart, "HEX", 3))
385 0 : arg->format = ASN1_GEN_FORMAT_HEX;
386 0 : else if (!strncmp(vstart, "BITLIST", 7))
387 0 : arg->format = ASN1_GEN_FORMAT_BITLIST;
388 : else {
389 0 : ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
390 0 : return -1;
391 : }
392 : break;
393 :
394 : }
395 :
396 : return 1;
397 :
398 : }
399 :
400 0 : static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
401 : {
402 : char erch[2];
403 : long tag_num;
404 : char *eptr;
405 0 : if (!vstart)
406 : return 0;
407 0 : tag_num = strtoul(vstart, &eptr, 10);
408 : /* Check we haven't gone past max length: should be impossible */
409 0 : if (eptr && *eptr && (eptr > vstart + vlen))
410 : return 0;
411 0 : if (tag_num < 0) {
412 0 : ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER);
413 0 : return 0;
414 : }
415 0 : *ptag = tag_num;
416 : /* If we have non numeric characters, parse them */
417 0 : if (eptr)
418 0 : vlen -= eptr - vstart;
419 : else
420 : vlen = 0;
421 0 : if (vlen) {
422 0 : switch (*eptr) {
423 :
424 : case 'U':
425 0 : *pclass = V_ASN1_UNIVERSAL;
426 0 : break;
427 :
428 : case 'A':
429 0 : *pclass = V_ASN1_APPLICATION;
430 0 : break;
431 :
432 : case 'P':
433 0 : *pclass = V_ASN1_PRIVATE;
434 0 : break;
435 :
436 : case 'C':
437 0 : *pclass = V_ASN1_CONTEXT_SPECIFIC;
438 0 : break;
439 :
440 : default:
441 0 : erch[0] = *eptr;
442 0 : erch[1] = 0;
443 0 : ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER);
444 0 : ERR_add_error_data(2, "Char=", erch);
445 0 : return 0;
446 : break;
447 :
448 : }
449 : } else
450 0 : *pclass = V_ASN1_CONTEXT_SPECIFIC;
451 :
452 : return 1;
453 :
454 : }
455 :
456 : /* Handle multiple types: SET and SEQUENCE */
457 :
458 0 : static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
459 : int depth, int *perr)
460 : {
461 : ASN1_TYPE *ret = NULL;
462 : STACK_OF(ASN1_TYPE) *sk = NULL;
463 : STACK_OF(CONF_VALUE) *sect = NULL;
464 0 : unsigned char *der = NULL;
465 : int derlen;
466 : int i;
467 0 : sk = sk_ASN1_TYPE_new_null();
468 0 : if (!sk)
469 : goto bad;
470 0 : if (section) {
471 0 : if (!cnf)
472 : goto bad;
473 0 : sect = X509V3_get_section(cnf, (char *)section);
474 0 : if (!sect)
475 : goto bad;
476 0 : for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
477 0 : ASN1_TYPE *typ =
478 0 : generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf,
479 : depth + 1, perr);
480 0 : if (!typ)
481 : goto bad;
482 0 : if (!sk_ASN1_TYPE_push(sk, typ))
483 : goto bad;
484 : }
485 : }
486 :
487 : /*
488 : * Now we has a STACK of the components, convert to the correct form
489 : */
490 :
491 0 : if (utype == V_ASN1_SET)
492 0 : derlen = i2d_ASN1_SET_ANY(sk, &der);
493 : else
494 0 : derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der);
495 :
496 0 : if (derlen < 0)
497 : goto bad;
498 :
499 0 : if (!(ret = ASN1_TYPE_new()))
500 : goto bad;
501 :
502 0 : if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype)))
503 : goto bad;
504 :
505 0 : ret->type = utype;
506 :
507 0 : ret->value.asn1_string->data = der;
508 0 : ret->value.asn1_string->length = derlen;
509 :
510 0 : der = NULL;
511 :
512 : bad:
513 :
514 0 : if (der)
515 0 : OPENSSL_free(der);
516 :
517 0 : if (sk)
518 0 : sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
519 0 : if (sect)
520 0 : X509V3_section_free(cnf, sect);
521 :
522 0 : return ret;
523 : }
524 :
525 0 : static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
526 : int exp_constructed, int exp_pad, int imp_ok)
527 : {
528 : tag_exp_type *exp_tmp;
529 : /* Can only have IMPLICIT if permitted */
530 0 : if ((arg->imp_tag != -1) && !imp_ok) {
531 0 : ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG);
532 0 : return 0;
533 : }
534 :
535 0 : if (arg->exp_count == ASN1_FLAG_EXP_MAX) {
536 0 : ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED);
537 0 : return 0;
538 : }
539 :
540 0 : exp_tmp = &arg->exp_list[arg->exp_count++];
541 :
542 : /*
543 : * If IMPLICIT set tag to implicit value then reset implicit tag since it
544 : * has been used.
545 : */
546 0 : if (arg->imp_tag != -1) {
547 0 : exp_tmp->exp_tag = arg->imp_tag;
548 0 : exp_tmp->exp_class = arg->imp_class;
549 0 : arg->imp_tag = -1;
550 0 : arg->imp_class = -1;
551 : } else {
552 0 : exp_tmp->exp_tag = exp_tag;
553 0 : exp_tmp->exp_class = exp_class;
554 : }
555 0 : exp_tmp->exp_constructed = exp_constructed;
556 0 : exp_tmp->exp_pad = exp_pad;
557 :
558 0 : return 1;
559 : }
560 :
561 0 : static int asn1_str2tag(const char *tagstr, int len)
562 : {
563 : unsigned int i;
564 : static const struct tag_name_st *tntmp, tnst[] = {
565 : ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),
566 : ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),
567 : ASN1_GEN_STR("NULL", V_ASN1_NULL),
568 : ASN1_GEN_STR("INT", V_ASN1_INTEGER),
569 : ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER),
570 : ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED),
571 : ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED),
572 : ASN1_GEN_STR("OID", V_ASN1_OBJECT),
573 : ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT),
574 : ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME),
575 : ASN1_GEN_STR("UTC", V_ASN1_UTCTIME),
576 : ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME),
577 : ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME),
578 : ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING),
579 : ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING),
580 : ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING),
581 : ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING),
582 : ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING),
583 : ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING),
584 : ASN1_GEN_STR("IA5", V_ASN1_IA5STRING),
585 : ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING),
586 : ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING),
587 : ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING),
588 : ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING),
589 : ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING),
590 : ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING),
591 : ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING),
592 : ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING),
593 : ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING),
594 : ASN1_GEN_STR("T61", V_ASN1_T61STRING),
595 : ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING),
596 : ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING),
597 : ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING),
598 : ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING),
599 : ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING),
600 : ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING),
601 :
602 : /* Special cases */
603 : ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE),
604 : ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE),
605 : ASN1_GEN_STR("SET", V_ASN1_SET),
606 : /* type modifiers */
607 : /* Explicit tag */
608 : ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP),
609 : ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP),
610 : /* Implicit tag */
611 : ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP),
612 : ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP),
613 : /* OCTET STRING wrapper */
614 : ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP),
615 : /* SEQUENCE wrapper */
616 : ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP),
617 : /* SET wrapper */
618 : ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP),
619 : /* BIT STRING wrapper */
620 : ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP),
621 : ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT),
622 : ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT),
623 : };
624 :
625 0 : if (len == -1)
626 0 : len = strlen(tagstr);
627 :
628 0 : tntmp = tnst;
629 0 : for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) {
630 0 : if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len))
631 0 : return tntmp->tag;
632 : }
633 :
634 : return -1;
635 : }
636 :
637 0 : static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
638 : {
639 : ASN1_TYPE *atmp = NULL;
640 :
641 : CONF_VALUE vtmp;
642 :
643 : unsigned char *rdata;
644 : long rdlen;
645 :
646 : int no_unused = 1;
647 :
648 0 : if (!(atmp = ASN1_TYPE_new())) {
649 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
650 0 : return NULL;
651 : }
652 :
653 0 : if (!str)
654 : str = "";
655 :
656 0 : switch (utype) {
657 :
658 : case V_ASN1_NULL:
659 0 : if (str && *str) {
660 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE);
661 0 : goto bad_form;
662 : }
663 : break;
664 :
665 : case V_ASN1_BOOLEAN:
666 0 : if (format != ASN1_GEN_FORMAT_ASCII) {
667 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
668 0 : goto bad_form;
669 : }
670 0 : vtmp.name = NULL;
671 0 : vtmp.section = NULL;
672 0 : vtmp.value = (char *)str;
673 0 : if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) {
674 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN);
675 0 : goto bad_str;
676 : }
677 : break;
678 :
679 : case V_ASN1_INTEGER:
680 : case V_ASN1_ENUMERATED:
681 0 : if (format != ASN1_GEN_FORMAT_ASCII) {
682 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT);
683 0 : goto bad_form;
684 : }
685 0 : if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) {
686 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
687 0 : goto bad_str;
688 : }
689 : break;
690 :
691 : case V_ASN1_OBJECT:
692 0 : if (format != ASN1_GEN_FORMAT_ASCII) {
693 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT);
694 0 : goto bad_form;
695 : }
696 0 : if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {
697 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
698 0 : goto bad_str;
699 : }
700 : break;
701 :
702 : case V_ASN1_UTCTIME:
703 : case V_ASN1_GENERALIZEDTIME:
704 0 : if (format != ASN1_GEN_FORMAT_ASCII) {
705 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT);
706 0 : goto bad_form;
707 : }
708 0 : if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
709 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
710 0 : goto bad_str;
711 : }
712 0 : if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {
713 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
714 0 : goto bad_str;
715 : }
716 0 : atmp->value.asn1_string->type = utype;
717 0 : if (!ASN1_TIME_check(atmp->value.asn1_string)) {
718 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE);
719 0 : goto bad_str;
720 : }
721 :
722 : break;
723 :
724 : case V_ASN1_BMPSTRING:
725 : case V_ASN1_PRINTABLESTRING:
726 : case V_ASN1_IA5STRING:
727 : case V_ASN1_T61STRING:
728 : case V_ASN1_UTF8STRING:
729 : case V_ASN1_VISIBLESTRING:
730 : case V_ASN1_UNIVERSALSTRING:
731 : case V_ASN1_GENERALSTRING:
732 : case V_ASN1_NUMERICSTRING:
733 :
734 0 : if (format == ASN1_GEN_FORMAT_ASCII)
735 : format = MBSTRING_ASC;
736 0 : else if (format == ASN1_GEN_FORMAT_UTF8)
737 : format = MBSTRING_UTF8;
738 : else {
739 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT);
740 0 : goto bad_form;
741 : }
742 :
743 0 : if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str,
744 : -1, format, ASN1_tag2bit(utype)) <= 0) {
745 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
746 0 : goto bad_str;
747 : }
748 :
749 : break;
750 :
751 : case V_ASN1_BIT_STRING:
752 :
753 : case V_ASN1_OCTET_STRING:
754 :
755 0 : if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
756 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
757 0 : goto bad_form;
758 : }
759 :
760 0 : if (format == ASN1_GEN_FORMAT_HEX) {
761 :
762 0 : if (!(rdata = string_to_hex((char *)str, &rdlen))) {
763 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX);
764 0 : goto bad_str;
765 : }
766 :
767 0 : atmp->value.asn1_string->data = rdata;
768 0 : atmp->value.asn1_string->length = rdlen;
769 0 : atmp->value.asn1_string->type = utype;
770 :
771 0 : } else if (format == ASN1_GEN_FORMAT_ASCII)
772 0 : ASN1_STRING_set(atmp->value.asn1_string, str, -1);
773 0 : else if ((format == ASN1_GEN_FORMAT_BITLIST)
774 0 : && (utype == V_ASN1_BIT_STRING)) {
775 0 : if (!CONF_parse_list
776 0 : (str, ',', 1, bitstr_cb, atmp->value.bit_string)) {
777 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR);
778 0 : goto bad_str;
779 : }
780 : no_unused = 0;
781 :
782 : } else {
783 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_FORMAT);
784 0 : goto bad_form;
785 : }
786 :
787 0 : if ((utype == V_ASN1_BIT_STRING) && no_unused) {
788 0 : atmp->value.asn1_string->flags
789 0 : &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
790 0 : atmp->value.asn1_string->flags |= ASN1_STRING_FLAG_BITS_LEFT;
791 : }
792 :
793 : break;
794 :
795 : default:
796 0 : ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE);
797 0 : goto bad_str;
798 : break;
799 : }
800 :
801 0 : atmp->type = utype;
802 0 : return atmp;
803 :
804 : bad_str:
805 0 : ERR_add_error_data(2, "string=", str);
806 : bad_form:
807 :
808 0 : ASN1_TYPE_free(atmp);
809 0 : return NULL;
810 :
811 : }
812 :
813 0 : static int bitstr_cb(const char *elem, int len, void *bitstr)
814 : {
815 : long bitnum;
816 : char *eptr;
817 0 : if (!elem)
818 : return 0;
819 0 : bitnum = strtoul(elem, &eptr, 10);
820 0 : if (eptr && *eptr && (eptr != elem + len))
821 : return 0;
822 0 : if (bitnum < 0) {
823 0 : ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER);
824 0 : return 0;
825 : }
826 0 : if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) {
827 0 : ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE);
828 0 : return 0;
829 : }
830 : return 1;
831 : }
|