p12_utl.c 7.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244
  1. /*
  2. * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/pkcs12.h>
  12. /* Cheap and nasty Unicode stuff */
  13. unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
  14. unsigned char **uni, int *unilen)
  15. {
  16. int ulen, i;
  17. unsigned char *unitmp;
  18. if (asclen == -1)
  19. asclen = strlen(asc);
  20. ulen = asclen * 2 + 2;
  21. if ((unitmp = OPENSSL_malloc(ulen)) == NULL) {
  22. PKCS12err(PKCS12_F_OPENSSL_ASC2UNI, ERR_R_MALLOC_FAILURE);
  23. return NULL;
  24. }
  25. for (i = 0; i < ulen - 2; i += 2) {
  26. unitmp[i] = 0;
  27. unitmp[i + 1] = asc[i >> 1];
  28. }
  29. /* Make result double null terminated */
  30. unitmp[ulen - 2] = 0;
  31. unitmp[ulen - 1] = 0;
  32. if (unilen)
  33. *unilen = ulen;
  34. if (uni)
  35. *uni = unitmp;
  36. return unitmp;
  37. }
  38. char *OPENSSL_uni2asc(const unsigned char *uni, int unilen)
  39. {
  40. int asclen, i;
  41. char *asctmp;
  42. /* string must contain an even number of bytes */
  43. if (unilen & 1)
  44. return NULL;
  45. asclen = unilen / 2;
  46. /* If no terminating zero allow for one */
  47. if (!unilen || uni[unilen - 1])
  48. asclen++;
  49. uni++;
  50. if ((asctmp = OPENSSL_malloc(asclen)) == NULL) {
  51. PKCS12err(PKCS12_F_OPENSSL_UNI2ASC, ERR_R_MALLOC_FAILURE);
  52. return NULL;
  53. }
  54. for (i = 0; i < unilen; i += 2)
  55. asctmp[i >> 1] = uni[i];
  56. asctmp[asclen - 1] = 0;
  57. return asctmp;
  58. }
  59. /*
  60. * OPENSSL_{utf82uni|uni2utf8} perform conversion between UTF-8 and
  61. * PKCS#12 BMPString format, which is specified as big-endian UTF-16.
  62. * One should keep in mind that even though BMPString is passed as
  63. * unsigned char *, it's not the kind of string you can exercise e.g.
  64. * strlen on. Caller also has to keep in mind that its length is
  65. * expressed not in number of UTF-16 characters, but in number of
  66. * bytes the string occupies, and treat it, the length, accordingly.
  67. */
  68. unsigned char *OPENSSL_utf82uni(const char *asc, int asclen,
  69. unsigned char **uni, int *unilen)
  70. {
  71. int ulen, i, j;
  72. unsigned char *unitmp, *ret;
  73. unsigned long utf32chr = 0;
  74. if (asclen == -1)
  75. asclen = strlen(asc);
  76. for (ulen = 0, i = 0; i < asclen; i += j) {
  77. j = UTF8_getc((const unsigned char *)asc+i, asclen-i, &utf32chr);
  78. /*
  79. * Following condition is somewhat opportunistic is sense that
  80. * decoding failure is used as *indirect* indication that input
  81. * string might in fact be extended ASCII/ANSI/ISO-8859-X. The
  82. * fallback is taken in hope that it would allow to process
  83. * files created with previous OpenSSL version, which used the
  84. * naive OPENSSL_asc2uni all along. It might be worth noting
  85. * that probability of false positive depends on language. In
  86. * cases covered by ISO Latin 1 probability is very low, because
  87. * any printable non-ASCII alphabet letter followed by another
  88. * or any ASCII character will trigger failure and fallback.
  89. * In other cases situation can be intensified by the fact that
  90. * English letters are not part of alternative keyboard layout,
  91. * but even then there should be plenty of pairs that trigger
  92. * decoding failure...
  93. */
  94. if (j < 0)
  95. return OPENSSL_asc2uni(asc, asclen, uni, unilen);
  96. if (utf32chr > 0x10FFFF) /* UTF-16 cap */
  97. return NULL;
  98. if (utf32chr >= 0x10000) /* pair of UTF-16 characters */
  99. ulen += 2*2;
  100. else /* or just one */
  101. ulen += 2;
  102. }
  103. ulen += 2; /* for trailing UTF16 zero */
  104. if ((ret = OPENSSL_malloc(ulen)) == NULL) {
  105. PKCS12err(PKCS12_F_OPENSSL_UTF82UNI, ERR_R_MALLOC_FAILURE);
  106. return NULL;
  107. }
  108. /* re-run the loop writing down UTF-16 characters in big-endian order */
  109. for (unitmp = ret, i = 0; i < asclen; i += j) {
  110. j = UTF8_getc((const unsigned char *)asc+i, asclen-i, &utf32chr);
  111. if (utf32chr >= 0x10000) { /* pair if UTF-16 characters */
  112. unsigned int hi, lo;
  113. utf32chr -= 0x10000;
  114. hi = 0xD800 + (utf32chr>>10);
  115. lo = 0xDC00 + (utf32chr&0x3ff);
  116. *unitmp++ = (unsigned char)(hi>>8);
  117. *unitmp++ = (unsigned char)(hi);
  118. *unitmp++ = (unsigned char)(lo>>8);
  119. *unitmp++ = (unsigned char)(lo);
  120. } else { /* or just one */
  121. *unitmp++ = (unsigned char)(utf32chr>>8);
  122. *unitmp++ = (unsigned char)(utf32chr);
  123. }
  124. }
  125. /* Make result double null terminated */
  126. *unitmp++ = 0;
  127. *unitmp++ = 0;
  128. if (unilen)
  129. *unilen = ulen;
  130. if (uni)
  131. *uni = ret;
  132. return ret;
  133. }
  134. static int bmp_to_utf8(char *str, const unsigned char *utf16, int len)
  135. {
  136. unsigned long utf32chr;
  137. if (len == 0) return 0;
  138. if (len < 2) return -1;
  139. /* pull UTF-16 character in big-endian order */
  140. utf32chr = (utf16[0]<<8) | utf16[1];
  141. if (utf32chr >= 0xD800 && utf32chr < 0xE000) { /* two chars */
  142. unsigned int lo;
  143. if (len < 4) return -1;
  144. utf32chr -= 0xD800;
  145. utf32chr <<= 10;
  146. lo = (utf16[2]<<8) | utf16[3];
  147. if (lo < 0xDC00 || lo >= 0xE000) return -1;
  148. utf32chr |= lo-0xDC00;
  149. utf32chr += 0x10000;
  150. }
  151. return UTF8_putc((unsigned char *)str, len > 4 ? 4 : len, utf32chr);
  152. }
  153. char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen)
  154. {
  155. int asclen, i, j;
  156. char *asctmp;
  157. /* string must contain an even number of bytes */
  158. if (unilen & 1)
  159. return NULL;
  160. for (asclen = 0, i = 0; i < unilen; ) {
  161. j = bmp_to_utf8(NULL, uni+i, unilen-i);
  162. /*
  163. * falling back to OPENSSL_uni2asc makes lesser sense [than
  164. * falling back to OPENSSL_asc2uni in OPENSSL_utf82uni above],
  165. * it's done rather to maintain symmetry...
  166. */
  167. if (j < 0) return OPENSSL_uni2asc(uni, unilen);
  168. if (j == 4) i += 4;
  169. else i += 2;
  170. asclen += j;
  171. }
  172. /* If no terminating zero allow for one */
  173. if (!unilen || (uni[unilen-2]||uni[unilen - 1]))
  174. asclen++;
  175. if ((asctmp = OPENSSL_malloc(asclen)) == NULL) {
  176. PKCS12err(PKCS12_F_OPENSSL_UNI2UTF8, ERR_R_MALLOC_FAILURE);
  177. return NULL;
  178. }
  179. /* re-run the loop emitting UTF-8 string */
  180. for (asclen = 0, i = 0; i < unilen; ) {
  181. j = bmp_to_utf8(asctmp+asclen, uni+i, unilen-i);
  182. if (j == 4) i += 4;
  183. else i += 2;
  184. asclen += j;
  185. }
  186. /* If no terminating zero write one */
  187. if (!unilen || (uni[unilen-2]||uni[unilen - 1]))
  188. asctmp[asclen] = '\0';
  189. return asctmp;
  190. }
  191. int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
  192. {
  193. return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
  194. }
  195. #ifndef OPENSSL_NO_STDIO
  196. int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
  197. {
  198. return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
  199. }
  200. #endif
  201. PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
  202. {
  203. return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
  204. }
  205. #ifndef OPENSSL_NO_STDIO
  206. PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
  207. {
  208. return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
  209. }
  210. #endif