x509_obj.c 5.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187
  1. /*
  2. * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/objects.h>
  12. #include <openssl/x509.h>
  13. #include <openssl/buffer.h>
  14. #include "crypto/x509.h"
  15. #include "crypto/ctype.h"
  16. /*
  17. * Limit to ensure we don't overflow: much greater than
  18. * anything encountered in practice.
  19. */
  20. #define NAME_ONELINE_MAX (1024 * 1024)
  21. char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len)
  22. {
  23. const X509_NAME_ENTRY *ne;
  24. int i;
  25. int n, lold, l, l1, l2, num, j, type;
  26. int prev_set = -1;
  27. const char *s;
  28. char *p;
  29. unsigned char *q;
  30. BUF_MEM *b = NULL;
  31. static const char hex[17] = "0123456789ABCDEF";
  32. int gs_doit[4];
  33. char tmp_buf[80];
  34. #ifdef CHARSET_EBCDIC
  35. unsigned char ebcdic_buf[1024];
  36. #endif
  37. if (buf == NULL) {
  38. if ((b = BUF_MEM_new()) == NULL)
  39. goto err;
  40. if (!BUF_MEM_grow(b, 200))
  41. goto err;
  42. b->data[0] = '\0';
  43. len = 200;
  44. } else if (len == 0) {
  45. return NULL;
  46. }
  47. if (a == NULL) {
  48. if (b) {
  49. buf = b->data;
  50. OPENSSL_free(b);
  51. }
  52. strncpy(buf, "NO X509_NAME", len);
  53. buf[len - 1] = '\0';
  54. return buf;
  55. }
  56. len--; /* space for '\0' */
  57. l = 0;
  58. for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
  59. ne = sk_X509_NAME_ENTRY_value(a->entries, i);
  60. n = OBJ_obj2nid(ne->object);
  61. if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
  62. i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
  63. s = tmp_buf;
  64. }
  65. l1 = strlen(s);
  66. type = ne->value->type;
  67. num = ne->value->length;
  68. if (num > NAME_ONELINE_MAX) {
  69. ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
  70. goto end;
  71. }
  72. q = ne->value->data;
  73. #ifdef CHARSET_EBCDIC
  74. if (type == V_ASN1_GENERALSTRING ||
  75. type == V_ASN1_VISIBLESTRING ||
  76. type == V_ASN1_PRINTABLESTRING ||
  77. type == V_ASN1_TELETEXSTRING ||
  78. type == V_ASN1_IA5STRING) {
  79. if (num > (int)sizeof(ebcdic_buf))
  80. num = sizeof(ebcdic_buf);
  81. ascii2ebcdic(ebcdic_buf, q, num);
  82. q = ebcdic_buf;
  83. }
  84. #endif
  85. if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
  86. gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
  87. for (j = 0; j < num; j++)
  88. if (q[j] != 0)
  89. gs_doit[j & 3] = 1;
  90. if (gs_doit[0] | gs_doit[1] | gs_doit[2])
  91. gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
  92. else {
  93. gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
  94. gs_doit[3] = 1;
  95. }
  96. } else
  97. gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
  98. for (l2 = j = 0; j < num; j++) {
  99. if (!gs_doit[j & 3])
  100. continue;
  101. l2++;
  102. if (q[j] == '/' || q[j] == '+')
  103. l2++; /* char needs to be escaped */
  104. else if ((ossl_toascii(q[j]) < ossl_toascii(' ')) ||
  105. (ossl_toascii(q[j]) > ossl_toascii('~')))
  106. l2 += 3;
  107. }
  108. lold = l;
  109. l += 1 + l1 + 1 + l2;
  110. if (l > NAME_ONELINE_MAX) {
  111. ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
  112. goto end;
  113. }
  114. if (b != NULL) {
  115. if (!BUF_MEM_grow(b, l + 1))
  116. goto err;
  117. p = &(b->data[lold]);
  118. } else if (l > len) {
  119. break;
  120. } else
  121. p = &(buf[lold]);
  122. *(p++) = prev_set == ne->set ? '+' : '/';
  123. memcpy(p, s, (unsigned int)l1);
  124. p += l1;
  125. *(p++) = '=';
  126. #ifndef CHARSET_EBCDIC /* q was assigned above already. */
  127. q = ne->value->data;
  128. #endif
  129. for (j = 0; j < num; j++) {
  130. if (!gs_doit[j & 3])
  131. continue;
  132. #ifndef CHARSET_EBCDIC
  133. n = q[j];
  134. if ((n < ' ') || (n > '~')) {
  135. *(p++) = '\\';
  136. *(p++) = 'x';
  137. *(p++) = hex[(n >> 4) & 0x0f];
  138. *(p++) = hex[n & 0x0f];
  139. } else {
  140. if (n == '/' || n == '+')
  141. *(p++) = '\\';
  142. *(p++) = n;
  143. }
  144. #else
  145. n = os_toascii[q[j]];
  146. if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
  147. *(p++) = '\\';
  148. *(p++) = 'x';
  149. *(p++) = hex[(n >> 4) & 0x0f];
  150. *(p++) = hex[n & 0x0f];
  151. } else {
  152. if (n == os_toascii['/'] || n == os_toascii['+'])
  153. *(p++) = '\\';
  154. *(p++) = q[j];
  155. }
  156. #endif
  157. }
  158. *p = '\0';
  159. prev_set = ne->set;
  160. }
  161. if (b != NULL) {
  162. p = b->data;
  163. OPENSSL_free(b);
  164. } else
  165. p = buf;
  166. if (i == 0)
  167. *p = '\0';
  168. return p;
  169. err:
  170. ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
  171. end:
  172. BUF_MEM_free(b);
  173. return NULL;
  174. }