a_strex.c 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567
  1. /* a_strex.c */
  2. /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
  3. * project 2000.
  4. */
  5. /* ====================================================================
  6. * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. All advertising materials mentioning features or use of this
  21. * software must display the following acknowledgment:
  22. * "This product includes software developed by the OpenSSL Project
  23. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24. *
  25. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26. * endorse or promote products derived from this software without
  27. * prior written permission. For written permission, please contact
  28. * licensing@OpenSSL.org.
  29. *
  30. * 5. Products derived from this software may not be called "OpenSSL"
  31. * nor may "OpenSSL" appear in their names without prior written
  32. * permission of the OpenSSL Project.
  33. *
  34. * 6. Redistributions of any form whatsoever must retain the following
  35. * acknowledgment:
  36. * "This product includes software developed by the OpenSSL Project
  37. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38. *
  39. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50. * OF THE POSSIBILITY OF SUCH DAMAGE.
  51. * ====================================================================
  52. *
  53. * This product includes cryptographic software written by Eric Young
  54. * (eay@cryptsoft.com). This product includes software written by Tim
  55. * Hudson (tjh@cryptsoft.com).
  56. *
  57. */
  58. #include <stdio.h>
  59. #include <string.h>
  60. #include "cryptlib.h"
  61. #include <openssl/crypto.h>
  62. #include <openssl/x509.h>
  63. #include <openssl/asn1.h>
  64. #include "charmap.h"
  65. /* ASN1_STRING_print_ex() and X509_NAME_print_ex().
  66. * Enhanced string and name printing routines handling
  67. * multibyte characters, RFC2253 and a host of other
  68. * options.
  69. */
  70. #define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
  71. /* Three IO functions for sending data to memory, a BIO and
  72. * and a FILE pointer.
  73. */
  74. #if 0 /* never used */
  75. static int send_mem_chars(void *arg, const void *buf, int len)
  76. {
  77. unsigned char **out = arg;
  78. if(!out) return 1;
  79. memcpy(*out, buf, len);
  80. *out += len;
  81. return 1;
  82. }
  83. #endif
  84. static int send_bio_chars(void *arg, const void *buf, int len)
  85. {
  86. if(!arg) return 1;
  87. if(BIO_write(arg, buf, len) != len) return 0;
  88. return 1;
  89. }
  90. static int send_fp_chars(void *arg, const void *buf, int len)
  91. {
  92. if(!arg) return 1;
  93. if(fwrite(buf, 1, len, arg) != (unsigned int)len) return 0;
  94. return 1;
  95. }
  96. typedef int char_io(void *arg, const void *buf, int len);
  97. /* This function handles display of
  98. * strings, one character at a time.
  99. * It is passed an unsigned long for each
  100. * character because it could come from 2 or even
  101. * 4 byte forms.
  102. */
  103. static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg)
  104. {
  105. unsigned char chflgs, chtmp;
  106. char tmphex[HEX_SIZE(long)+3];
  107. if(c > 0xffffffffL)
  108. return -1;
  109. if(c > 0xffff) {
  110. BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
  111. if(!io_ch(arg, tmphex, 10)) return -1;
  112. return 10;
  113. }
  114. if(c > 0xff) {
  115. BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
  116. if(!io_ch(arg, tmphex, 6)) return -1;
  117. return 6;
  118. }
  119. chtmp = (unsigned char)c;
  120. if(chtmp > 0x7f) chflgs = flags & ASN1_STRFLGS_ESC_MSB;
  121. else chflgs = char_type[chtmp] & flags;
  122. if(chflgs & CHARTYPE_BS_ESC) {
  123. /* If we don't escape with quotes, signal we need quotes */
  124. if(chflgs & ASN1_STRFLGS_ESC_QUOTE) {
  125. if(do_quotes) *do_quotes = 1;
  126. if(!io_ch(arg, &chtmp, 1)) return -1;
  127. return 1;
  128. }
  129. if(!io_ch(arg, "\\", 1)) return -1;
  130. if(!io_ch(arg, &chtmp, 1)) return -1;
  131. return 2;
  132. }
  133. if(chflgs & (ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_ESC_MSB)) {
  134. BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
  135. if(!io_ch(arg, tmphex, 3)) return -1;
  136. return 3;
  137. }
  138. if(!io_ch(arg, &chtmp, 1)) return -1;
  139. return 1;
  140. }
  141. #define BUF_TYPE_WIDTH_MASK 0x7
  142. #define BUF_TYPE_CONVUTF8 0x8
  143. /* This function sends each character in a buffer to
  144. * do_esc_char(). It interprets the content formats
  145. * and converts to or from UTF8 as appropriate.
  146. */
  147. static int do_buf(unsigned char *buf, int buflen,
  148. int type, unsigned char flags, char *quotes, char_io *io_ch, void *arg)
  149. {
  150. int i, outlen, len;
  151. unsigned char orflags, *p, *q;
  152. unsigned long c;
  153. p = buf;
  154. q = buf + buflen;
  155. outlen = 0;
  156. while(p != q) {
  157. if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253;
  158. else orflags = 0;
  159. switch(type & BUF_TYPE_WIDTH_MASK) {
  160. case 4:
  161. c = ((unsigned long)*p++) << 24;
  162. c |= ((unsigned long)*p++) << 16;
  163. c |= ((unsigned long)*p++) << 8;
  164. c |= *p++;
  165. break;
  166. case 2:
  167. c = ((unsigned long)*p++) << 8;
  168. c |= *p++;
  169. break;
  170. case 1:
  171. c = *p++;
  172. break;
  173. case 0:
  174. i = UTF8_getc(p, buflen, &c);
  175. if(i < 0) return -1; /* Invalid UTF8String */
  176. p += i;
  177. break;
  178. default:
  179. return -1; /* invalid width */
  180. }
  181. if (p == q) orflags = CHARTYPE_LAST_ESC_2253;
  182. if(type & BUF_TYPE_CONVUTF8) {
  183. unsigned char utfbuf[6];
  184. int utflen;
  185. utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
  186. for(i = 0; i < utflen; i++) {
  187. /* We don't need to worry about setting orflags correctly
  188. * because if utflen==1 its value will be correct anyway
  189. * otherwise each character will be > 0x7f and so the
  190. * character will never be escaped on first and last.
  191. */
  192. len = do_esc_char(utfbuf[i], (unsigned char)(flags | orflags), quotes, io_ch, arg);
  193. if(len < 0) return -1;
  194. outlen += len;
  195. }
  196. } else {
  197. len = do_esc_char(c, (unsigned char)(flags | orflags), quotes, io_ch, arg);
  198. if(len < 0) return -1;
  199. outlen += len;
  200. }
  201. }
  202. return outlen;
  203. }
  204. /* This function hex dumps a buffer of characters */
  205. static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen)
  206. {
  207. static const char hexdig[] = "0123456789ABCDEF";
  208. unsigned char *p, *q;
  209. char hextmp[2];
  210. if(arg) {
  211. p = buf;
  212. q = buf + buflen;
  213. while(p != q) {
  214. hextmp[0] = hexdig[*p >> 4];
  215. hextmp[1] = hexdig[*p & 0xf];
  216. if(!io_ch(arg, hextmp, 2)) return -1;
  217. p++;
  218. }
  219. }
  220. return buflen << 1;
  221. }
  222. /* "dump" a string. This is done when the type is unknown,
  223. * or the flags request it. We can either dump the content
  224. * octets or the entire DER encoding. This uses the RFC2253
  225. * #01234 format.
  226. */
  227. static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str)
  228. {
  229. /* Placing the ASN1_STRING in a temp ASN1_TYPE allows
  230. * the DER encoding to readily obtained
  231. */
  232. ASN1_TYPE t;
  233. unsigned char *der_buf, *p;
  234. int outlen, der_len;
  235. if(!io_ch(arg, "#", 1)) return -1;
  236. /* If we don't dump DER encoding just dump content octets */
  237. if(!(lflags & ASN1_STRFLGS_DUMP_DER)) {
  238. outlen = do_hex_dump(io_ch, arg, str->data, str->length);
  239. if(outlen < 0) return -1;
  240. return outlen + 1;
  241. }
  242. t.type = str->type;
  243. t.value.ptr = (char *)str;
  244. der_len = i2d_ASN1_TYPE(&t, NULL);
  245. der_buf = OPENSSL_malloc(der_len);
  246. if(!der_buf) return -1;
  247. p = der_buf;
  248. i2d_ASN1_TYPE(&t, &p);
  249. outlen = do_hex_dump(io_ch, arg, der_buf, der_len);
  250. OPENSSL_free(der_buf);
  251. if(outlen < 0) return -1;
  252. return outlen + 1;
  253. }
  254. /* Lookup table to convert tags to character widths,
  255. * 0 = UTF8 encoded, -1 is used for non string types
  256. * otherwise it is the number of bytes per character
  257. */
  258. static const signed char tag2nbyte[] = {
  259. -1, -1, -1, -1, -1, /* 0-4 */
  260. -1, -1, -1, -1, -1, /* 5-9 */
  261. -1, -1, 0, -1, /* 10-13 */
  262. -1, -1, -1, -1, /* 15-17 */
  263. -1, 1, 1, /* 18-20 */
  264. -1, 1, 1, 1, /* 21-24 */
  265. -1, 1, -1, /* 25-27 */
  266. 4, -1, 2 /* 28-30 */
  267. };
  268. #define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
  269. ASN1_STRFLGS_ESC_QUOTE | \
  270. ASN1_STRFLGS_ESC_CTRL | \
  271. ASN1_STRFLGS_ESC_MSB)
  272. /* This is the main function, print out an
  273. * ASN1_STRING taking note of various escape
  274. * and display options. Returns number of
  275. * characters written or -1 if an error
  276. * occurred.
  277. */
  278. static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STRING *str)
  279. {
  280. int outlen, len;
  281. int type;
  282. char quotes;
  283. unsigned char flags;
  284. quotes = 0;
  285. /* Keep a copy of escape flags */
  286. flags = (unsigned char)(lflags & ESC_FLAGS);
  287. type = str->type;
  288. outlen = 0;
  289. if(lflags & ASN1_STRFLGS_SHOW_TYPE) {
  290. const char *tagname;
  291. tagname = ASN1_tag2str(type);
  292. outlen += strlen(tagname);
  293. if(!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1)) return -1;
  294. outlen++;
  295. }
  296. /* Decide what to do with type, either dump content or display it */
  297. /* Dump everything */
  298. if(lflags & ASN1_STRFLGS_DUMP_ALL) type = -1;
  299. /* Ignore the string type */
  300. else if(lflags & ASN1_STRFLGS_IGNORE_TYPE) type = 1;
  301. else {
  302. /* Else determine width based on type */
  303. if((type > 0) && (type < 31)) type = tag2nbyte[type];
  304. else type = -1;
  305. if((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN)) type = 1;
  306. }
  307. if(type == -1) {
  308. len = do_dump(lflags, io_ch, arg, str);
  309. if(len < 0) return -1;
  310. outlen += len;
  311. return outlen;
  312. }
  313. if(lflags & ASN1_STRFLGS_UTF8_CONVERT) {
  314. /* Note: if string is UTF8 and we want
  315. * to convert to UTF8 then we just interpret
  316. * it as 1 byte per character to avoid converting
  317. * twice.
  318. */
  319. if(!type) type = 1;
  320. else type |= BUF_TYPE_CONVUTF8;
  321. }
  322. len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
  323. if(len < 0) return -1;
  324. outlen += len;
  325. if(quotes) outlen += 2;
  326. if(!arg) return outlen;
  327. if(quotes && !io_ch(arg, "\"", 1)) return -1;
  328. if(do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0)
  329. return -1;
  330. if(quotes && !io_ch(arg, "\"", 1)) return -1;
  331. return outlen;
  332. }
  333. /* Used for line indenting: print 'indent' spaces */
  334. static int do_indent(char_io *io_ch, void *arg, int indent)
  335. {
  336. int i;
  337. for(i = 0; i < indent; i++)
  338. if(!io_ch(arg, " ", 1)) return 0;
  339. return 1;
  340. }
  341. #define FN_WIDTH_LN 25
  342. #define FN_WIDTH_SN 10
  343. static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
  344. int indent, unsigned long flags)
  345. {
  346. int i, prev = -1, orflags, cnt;
  347. int fn_opt, fn_nid;
  348. ASN1_OBJECT *fn;
  349. ASN1_STRING *val;
  350. X509_NAME_ENTRY *ent;
  351. char objtmp[80];
  352. const char *objbuf;
  353. int outlen, len;
  354. char *sep_dn, *sep_mv, *sep_eq;
  355. int sep_dn_len, sep_mv_len, sep_eq_len;
  356. if(indent < 0) indent = 0;
  357. outlen = indent;
  358. if(!do_indent(io_ch, arg, indent)) return -1;
  359. switch (flags & XN_FLAG_SEP_MASK)
  360. {
  361. case XN_FLAG_SEP_MULTILINE:
  362. sep_dn = "\n";
  363. sep_dn_len = 1;
  364. sep_mv = " + ";
  365. sep_mv_len = 3;
  366. break;
  367. case XN_FLAG_SEP_COMMA_PLUS:
  368. sep_dn = ",";
  369. sep_dn_len = 1;
  370. sep_mv = "+";
  371. sep_mv_len = 1;
  372. indent = 0;
  373. break;
  374. case XN_FLAG_SEP_CPLUS_SPC:
  375. sep_dn = ", ";
  376. sep_dn_len = 2;
  377. sep_mv = " + ";
  378. sep_mv_len = 3;
  379. indent = 0;
  380. break;
  381. case XN_FLAG_SEP_SPLUS_SPC:
  382. sep_dn = "; ";
  383. sep_dn_len = 2;
  384. sep_mv = " + ";
  385. sep_mv_len = 3;
  386. indent = 0;
  387. break;
  388. default:
  389. return -1;
  390. }
  391. if(flags & XN_FLAG_SPC_EQ) {
  392. sep_eq = " = ";
  393. sep_eq_len = 3;
  394. } else {
  395. sep_eq = "=";
  396. sep_eq_len = 1;
  397. }
  398. fn_opt = flags & XN_FLAG_FN_MASK;
  399. cnt = X509_NAME_entry_count(n);
  400. for(i = 0; i < cnt; i++) {
  401. if(flags & XN_FLAG_DN_REV)
  402. ent = X509_NAME_get_entry(n, cnt - i - 1);
  403. else ent = X509_NAME_get_entry(n, i);
  404. if(prev != -1) {
  405. if(prev == ent->set) {
  406. if(!io_ch(arg, sep_mv, sep_mv_len)) return -1;
  407. outlen += sep_mv_len;
  408. } else {
  409. if(!io_ch(arg, sep_dn, sep_dn_len)) return -1;
  410. outlen += sep_dn_len;
  411. if(!do_indent(io_ch, arg, indent)) return -1;
  412. outlen += indent;
  413. }
  414. }
  415. prev = ent->set;
  416. fn = X509_NAME_ENTRY_get_object(ent);
  417. val = X509_NAME_ENTRY_get_data(ent);
  418. fn_nid = OBJ_obj2nid(fn);
  419. if(fn_opt != XN_FLAG_FN_NONE) {
  420. int objlen, fld_len;
  421. if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) {
  422. OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
  423. fld_len = 0; /* XXX: what should this be? */
  424. objbuf = objtmp;
  425. } else {
  426. if(fn_opt == XN_FLAG_FN_SN) {
  427. fld_len = FN_WIDTH_SN;
  428. objbuf = OBJ_nid2sn(fn_nid);
  429. } else if(fn_opt == XN_FLAG_FN_LN) {
  430. fld_len = FN_WIDTH_LN;
  431. objbuf = OBJ_nid2ln(fn_nid);
  432. } else {
  433. fld_len = 0; /* XXX: what should this be? */
  434. objbuf = "";
  435. }
  436. }
  437. objlen = strlen(objbuf);
  438. if(!io_ch(arg, objbuf, objlen)) return -1;
  439. if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
  440. if (!do_indent(io_ch, arg, fld_len - objlen)) return -1;
  441. outlen += fld_len - objlen;
  442. }
  443. if(!io_ch(arg, sep_eq, sep_eq_len)) return -1;
  444. outlen += objlen + sep_eq_len;
  445. }
  446. /* If the field name is unknown then fix up the DER dump
  447. * flag. We might want to limit this further so it will
  448. * DER dump on anything other than a few 'standard' fields.
  449. */
  450. if((fn_nid == NID_undef) && (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS))
  451. orflags = ASN1_STRFLGS_DUMP_ALL;
  452. else orflags = 0;
  453. len = do_print_ex(io_ch, arg, flags | orflags, val);
  454. if(len < 0) return -1;
  455. outlen += len;
  456. }
  457. return outlen;
  458. }
  459. /* Wrappers round the main functions */
  460. int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
  461. {
  462. if(flags == XN_FLAG_COMPAT)
  463. return X509_NAME_print(out, nm, indent);
  464. return do_name_ex(send_bio_chars, out, nm, indent, flags);
  465. }
  466. #ifndef OPENSSL_NO_FP_API
  467. int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
  468. {
  469. if(flags == XN_FLAG_COMPAT)
  470. {
  471. BIO *btmp;
  472. int ret;
  473. btmp = BIO_new_fp(fp, BIO_NOCLOSE);
  474. if(!btmp) return -1;
  475. ret = X509_NAME_print(btmp, nm, indent);
  476. BIO_free(btmp);
  477. return ret;
  478. }
  479. return do_name_ex(send_fp_chars, fp, nm, indent, flags);
  480. }
  481. #endif
  482. int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
  483. {
  484. return do_print_ex(send_bio_chars, out, flags, str);
  485. }
  486. #ifndef OPENSSL_NO_FP_API
  487. int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
  488. {
  489. return do_print_ex(send_fp_chars, fp, flags, str);
  490. }
  491. #endif
  492. /* Utility function: convert any string type to UTF8, returns number of bytes
  493. * in output string or a negative error code
  494. */
  495. int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
  496. {
  497. ASN1_STRING stmp, *str = &stmp;
  498. int mbflag, type, ret;
  499. if(!in) return -1;
  500. type = in->type;
  501. if((type < 0) || (type > 30)) return -1;
  502. mbflag = tag2nbyte[type];
  503. if(mbflag == -1) return -1;
  504. mbflag |= MBSTRING_FLAG;
  505. stmp.data = NULL;
  506. ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
  507. if(ret < 0) return ret;
  508. *out = stmp.data;
  509. return stmp.length;
  510. }