p12_utl.c 7.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241
  1. /*
  2. * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/pkcs12.h>
  12. /* Cheap and nasty Unicode stuff */
  13. unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
  14. unsigned char **uni, int *unilen)
  15. {
  16. int ulen, i;
  17. unsigned char *unitmp;
  18. if (asclen == -1)
  19. asclen = strlen(asc);
  20. if (asclen < 0)
  21. return NULL;
  22. ulen = asclen * 2 + 2;
  23. if ((unitmp = OPENSSL_malloc(ulen)) == NULL)
  24. return NULL;
  25. for (i = 0; i < ulen - 2; i += 2) {
  26. unitmp[i] = 0;
  27. unitmp[i + 1] = asc[i >> 1];
  28. }
  29. /* Make result double null terminated */
  30. unitmp[ulen - 2] = 0;
  31. unitmp[ulen - 1] = 0;
  32. if (unilen)
  33. *unilen = ulen;
  34. if (uni)
  35. *uni = unitmp;
  36. return unitmp;
  37. }
  38. char *OPENSSL_uni2asc(const unsigned char *uni, int unilen)
  39. {
  40. int asclen, i;
  41. char *asctmp;
  42. /* string must contain an even number of bytes */
  43. if (unilen & 1)
  44. return NULL;
  45. if (unilen < 0)
  46. return NULL;
  47. asclen = unilen / 2;
  48. /* If no terminating zero allow for one */
  49. if (!unilen || uni[unilen - 1])
  50. asclen++;
  51. uni++;
  52. if ((asctmp = OPENSSL_malloc(asclen)) == NULL)
  53. return NULL;
  54. for (i = 0; i < unilen; i += 2)
  55. asctmp[i >> 1] = uni[i];
  56. asctmp[asclen - 1] = 0;
  57. return asctmp;
  58. }
  59. /*
  60. * OPENSSL_{utf82uni|uni2utf8} perform conversion between UTF-8 and
  61. * PKCS#12 BMPString format, which is specified as big-endian UTF-16.
  62. * One should keep in mind that even though BMPString is passed as
  63. * unsigned char *, it's not the kind of string you can exercise e.g.
  64. * strlen on. Caller also has to keep in mind that its length is
  65. * expressed not in number of UTF-16 characters, but in number of
  66. * bytes the string occupies, and treat it, the length, accordingly.
  67. */
  68. unsigned char *OPENSSL_utf82uni(const char *asc, int asclen,
  69. unsigned char **uni, int *unilen)
  70. {
  71. int ulen, i, j;
  72. unsigned char *unitmp, *ret;
  73. unsigned long utf32chr = 0;
  74. if (asclen == -1)
  75. asclen = strlen(asc);
  76. for (ulen = 0, i = 0; i < asclen; i += j) {
  77. j = UTF8_getc((const unsigned char *)asc+i, asclen-i, &utf32chr);
  78. /*
  79. * Following condition is somewhat opportunistic is sense that
  80. * decoding failure is used as *indirect* indication that input
  81. * string might in fact be extended ASCII/ANSI/ISO-8859-X. The
  82. * fallback is taken in hope that it would allow to process
  83. * files created with previous OpenSSL version, which used the
  84. * naive OPENSSL_asc2uni all along. It might be worth noting
  85. * that probability of false positive depends on language. In
  86. * cases covered by ISO Latin 1 probability is very low, because
  87. * any printable non-ASCII alphabet letter followed by another
  88. * or any ASCII character will trigger failure and fallback.
  89. * In other cases situation can be intensified by the fact that
  90. * English letters are not part of alternative keyboard layout,
  91. * but even then there should be plenty of pairs that trigger
  92. * decoding failure...
  93. */
  94. if (j < 0)
  95. return OPENSSL_asc2uni(asc, asclen, uni, unilen);
  96. if (utf32chr > 0x10FFFF) /* UTF-16 cap */
  97. return NULL;
  98. if (utf32chr >= 0x10000) /* pair of UTF-16 characters */
  99. ulen += 2*2;
  100. else /* or just one */
  101. ulen += 2;
  102. }
  103. ulen += 2; /* for trailing UTF16 zero */
  104. if ((ret = OPENSSL_malloc(ulen)) == NULL)
  105. return NULL;
  106. /* re-run the loop writing down UTF-16 characters in big-endian order */
  107. for (unitmp = ret, i = 0; i < asclen; i += j) {
  108. j = UTF8_getc((const unsigned char *)asc+i, asclen-i, &utf32chr);
  109. if (utf32chr >= 0x10000) { /* pair if UTF-16 characters */
  110. unsigned int hi, lo;
  111. utf32chr -= 0x10000;
  112. hi = 0xD800 + (utf32chr>>10);
  113. lo = 0xDC00 + (utf32chr&0x3ff);
  114. *unitmp++ = (unsigned char)(hi>>8);
  115. *unitmp++ = (unsigned char)(hi);
  116. *unitmp++ = (unsigned char)(lo>>8);
  117. *unitmp++ = (unsigned char)(lo);
  118. } else { /* or just one */
  119. *unitmp++ = (unsigned char)(utf32chr>>8);
  120. *unitmp++ = (unsigned char)(utf32chr);
  121. }
  122. }
  123. /* Make result double null terminated */
  124. *unitmp++ = 0;
  125. *unitmp++ = 0;
  126. if (unilen)
  127. *unilen = ulen;
  128. if (uni)
  129. *uni = ret;
  130. return ret;
  131. }
  132. static int bmp_to_utf8(char *str, const unsigned char *utf16, int len)
  133. {
  134. unsigned long utf32chr;
  135. if (len == 0) return 0;
  136. if (len < 2) return -1;
  137. /* pull UTF-16 character in big-endian order */
  138. utf32chr = (utf16[0]<<8) | utf16[1];
  139. if (utf32chr >= 0xD800 && utf32chr < 0xE000) { /* two chars */
  140. unsigned int lo;
  141. if (len < 4) return -1;
  142. utf32chr -= 0xD800;
  143. utf32chr <<= 10;
  144. lo = (utf16[2]<<8) | utf16[3];
  145. if (lo < 0xDC00 || lo >= 0xE000) return -1;
  146. utf32chr |= lo-0xDC00;
  147. utf32chr += 0x10000;
  148. }
  149. return UTF8_putc((unsigned char *)str, len > 4 ? 4 : len, utf32chr);
  150. }
  151. char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen)
  152. {
  153. int asclen, i, j;
  154. char *asctmp;
  155. /* string must contain an even number of bytes */
  156. if (unilen & 1)
  157. return NULL;
  158. for (asclen = 0, i = 0; i < unilen; ) {
  159. j = bmp_to_utf8(NULL, uni+i, unilen-i);
  160. /*
  161. * falling back to OPENSSL_uni2asc makes lesser sense [than
  162. * falling back to OPENSSL_asc2uni in OPENSSL_utf82uni above],
  163. * it's done rather to maintain symmetry...
  164. */
  165. if (j < 0) return OPENSSL_uni2asc(uni, unilen);
  166. if (j == 4) i += 4;
  167. else i += 2;
  168. asclen += j;
  169. }
  170. /* If no terminating zero allow for one */
  171. if (!unilen || (uni[unilen-2]||uni[unilen - 1]))
  172. asclen++;
  173. if ((asctmp = OPENSSL_malloc(asclen)) == NULL)
  174. return NULL;
  175. /* re-run the loop emitting UTF-8 string */
  176. for (asclen = 0, i = 0; i < unilen; ) {
  177. j = bmp_to_utf8(asctmp+asclen, uni+i, unilen-i);
  178. if (j == 4) i += 4;
  179. else i += 2;
  180. asclen += j;
  181. }
  182. /* If no terminating zero write one */
  183. if (!unilen || (uni[unilen-2]||uni[unilen - 1]))
  184. asctmp[asclen] = '\0';
  185. return asctmp;
  186. }
  187. int i2d_PKCS12_bio(BIO *bp, const PKCS12 *p12)
  188. {
  189. return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
  190. }
  191. #ifndef OPENSSL_NO_STDIO
  192. int i2d_PKCS12_fp(FILE *fp, const PKCS12 *p12)
  193. {
  194. return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
  195. }
  196. #endif
  197. PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
  198. {
  199. return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
  200. }
  201. #ifndef OPENSSL_NO_STDIO
  202. PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
  203. {
  204. return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
  205. }
  206. #endif