123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918391939203921392239233924392539263927392839293930393139323933393439353936393739383939394039413942394339443945394639473948394939503951395239533954395539563957395839593960396139623963396439653966396739683969397039713972397339743975397639773978397939803981398239833984398539863987398839893990399139923993399439953996399739983999400040014002400340044005400640074008400940104011401240134014401540164017401840194020402140224023402440254026402740284029403040314032403340344035403640374038403940404041404240434044404540464047404840494050405140524053405440554056405740584059406040614062 |
- /* ssl_asn1.c
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
- #include <wolfssl/wolfcrypt/settings.h>
- #include <wolfssl/internal.h>
- #ifndef WC_NO_RNG
- #include <wolfssl/wolfcrypt/random.h>
- #endif
- #if !defined(WOLFSSL_SSL_ASN1_INCLUDED)
- #ifndef WOLFSSL_IGNORE_FILE_WARN
- #warning ssl_asn1.c does not need to be compiled separately from ssl.c
- #endif
- #else
- /*******************************************************************************
- * ASN1_item APIs
- ******************************************************************************/
- #ifndef NO_ASN
- #ifdef OPENSSL_EXTRA
- #ifdef OPENSSL_ALL
- /* Create an ASN1 item of the specified type.
- *
- * @param [out] item Pointer to location to place new ASN1 item.
- * @param [in] type Type of ASN1 item to create.
- * @return 0 on success.
- * @return 1 when item type not supported.
- * @return 1 when item type allocation fails.
- */
- static int wolfssl_asn1_item_new(void** item, int type)
- {
- int err = 0;
- switch (type) {
- case WOLFSSL_X509_ALGOR_ASN1:
- *(WOLFSSL_X509_ALGOR**)item = wolfSSL_X509_ALGOR_new();
- break;
- case WOLFSSL_ASN1_BIT_STRING_ASN1:
- *(WOLFSSL_ASN1_BIT_STRING**)item = wolfSSL_ASN1_BIT_STRING_new();
- break;
- case WOLFSSL_ASN1_INTEGER_ASN1:
- *(WOLFSSL_ASN1_INTEGER**)item = wolfSSL_ASN1_INTEGER_new();
- break;
- default:
- WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_new");
- *(void**)item = NULL;
- }
- /* Check whether an item was put in. */
- if (*(void**)item == NULL) {
- err = 1;
- }
- return err;
- }
- /* Create a new ASN1 item based on a template.
- *
- * @param [in] tpl Template of ASN1 items.
- * @return A new ASN1 item on success.
- * @return NULL when tpl is NULL, dynamic memory allocation fails or ASN1
- * item type not supported.
- */
- void* wolfSSL_ASN1_item_new(const WOLFSSL_ASN1_ITEM* tpl)
- {
- int err = 0;
- void* ret = NULL;
- const WOLFSSL_ASN1_TEMPLATE *mem = NULL;
- size_t i;
- WOLFSSL_ENTER("wolfSSL_ASN1_item_new");
- if (tpl != NULL) {
- ret = (void *)XMALLOC(tpl->size, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- if (ret != NULL) {
- XMEMSET(ret, 0, tpl->size);
- for (mem = tpl->members, i = 0; i < tpl->mcount; mem++, i++) {
- if ((err = wolfssl_asn1_item_new(
- (void**)(((byte*)ret) + mem->offset), mem->type))) {
- break;
- }
- }
- }
- if (err) {
- wolfSSL_ASN1_item_free(ret, tpl);
- ret = NULL;
- }
- return ret;
- }
- /* Dispose of an ASN1 item of the specified type.
- *
- * @param [in, out] item Pointer to an anonymized ASN1 item to free.
- * @param [in] type Type of ASN1 item to free.
- */
- static void wolfssl_asn1_item_free(void** item, int type)
- {
- switch (type) {
- case WOLFSSL_X509_ALGOR_ASN1:
- wolfSSL_X509_ALGOR_free(*(WOLFSSL_X509_ALGOR**)item);
- break;
- case WOLFSSL_ASN1_BIT_STRING_ASN1:
- wolfSSL_ASN1_BIT_STRING_free(*(WOLFSSL_ASN1_BIT_STRING**)item);
- break;
- case WOLFSSL_ASN1_INTEGER_ASN1:
- wolfSSL_ASN1_INTEGER_free(*(WOLFSSL_ASN1_INTEGER**)item);
- break;
- default:
- WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_free");
- }
- }
- /* Dispose of ASN1 item based on a template.
- *
- * @param [in, out] val ASN item to free.
- * @param [in, tpl Template of ASN1 items.
- */
- void wolfSSL_ASN1_item_free(void *items, const WOLFSSL_ASN1_ITEM *tpl)
- {
- const WOLFSSL_ASN1_TEMPLATE *mem = NULL;
- size_t i;
- WOLFSSL_ENTER("wolfSSL_ASN1_item_free");
- if (items != NULL) {
- for (mem = tpl->members, i = 0; i < tpl->mcount; mem++, i++) {
- wolfssl_asn1_item_free((void**)(((byte*)items) + mem->offset),
- mem->type);
- }
- }
- XFREE(items, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Offset buf if not NULL or NULL. */
- #define bufLenOrNull(buf, len) (((buf) != NULL) ? ((buf) + (len)) : NULL)
- /* Encode X509 algorithm as DER.
- *
- * @param [in] algor X509 algorithm object.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- static int wolfSSL_i2d_X509_ALGOR(const WOLFSSL_X509_ALGOR* algor, byte* buf)
- {
- int ret;
- word32 oid = 0;
- word32 idx = 0;
- if (algor->algorithm == 0) {
- WOLFSSL_MSG("X509_ALGOR algorithm not set");
- ret = 0;
- }
- else if (GetObjectId(algor->algorithm->obj, &idx, &oid,
- (word32)algor->algorithm->grp, algor->algorithm->objSz) < 0) {
- WOLFSSL_MSG("Issue getting OID of object");
- ret = 0;
- }
- else {
- ret = (int)SetAlgoID((int)oid, buf, algor->algorithm->grp, 0);
- }
- return ret;
- }
- /* Encode ASN.1 BIT_STRING as DER.
- *
- * @param [in] bit_str BIT_STRING object.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @return Length of DER encoding on success.
- */
- static int wolfSSL_i2d_ASN1_BIT_STRING(const WOLFSSL_ASN1_BIT_STRING* bit_str,
- byte* buf)
- {
- int len;
- len = (int)SetBitString((word32)bit_str->length, 0, buf);
- if ((buf != NULL) && (bit_str->data != NULL)) {
- XMEMCPY(buf + len, bit_str->data, (size_t)bit_str->length);
- }
- return len + bit_str->length;
- }
- /* Encode ASN item as DER.
- *
- * @param [in] item Pointer to anonymized ASN item.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- static int wolfssl_i2d_asn1_item(void** item, int type, byte* buf)
- {
- int len;
- switch (type) {
- case WOLFSSL_X509_ALGOR_ASN1:
- len = wolfSSL_i2d_X509_ALGOR(*(const WOLFSSL_X509_ALGOR**)item,
- buf);
- break;
- case WOLFSSL_ASN1_BIT_STRING_ASN1:
- len = wolfSSL_i2d_ASN1_BIT_STRING(
- *(const WOLFSSL_ASN1_BIT_STRING**)item, buf);
- break;
- case WOLFSSL_ASN1_INTEGER_ASN1:
- {
- byte *tmp_buf = buf;
- len = wolfSSL_i2d_ASN1_INTEGER(
- *(const WOLFSSL_ASN1_INTEGER**)item, &tmp_buf);
- if ((buf == NULL) && (tmp_buf != NULL)) {
- XFREE(tmp_buf, NULL, DYNAMIC_TYPE_ASN1);
- tmp_buf = NULL;
- }
- }
- break;
- default:
- WOLFSSL_MSG("Type not support in processMembers");
- len = 0;
- }
- return len;
- }
- /* Encode members of an ASN.1 SEQUENCE as DER.
- *
- * @param [in] src ASN1 items to encode.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @param [in] members ASN1 template members.
- * @param [in] mcount Count of template members.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- static int wolfssl_i2d_asn1_items(const void* src, byte*buf,
- const WOLFSSL_ASN1_TEMPLATE* members, size_t mcount)
- {
- const WOLFSSL_ASN1_TEMPLATE* mem = NULL;
- int len = 0;
- int ret;
- size_t i;
- WOLFSSL_ENTER("wolfssl_i2d_asn1_items");
- for (mem = members, i = 0; i < mcount; mem++, i++) {
- ret = wolfssl_i2d_asn1_item((void**)(((byte*)src) + mem->offset),
- mem->type, bufLenOrNull(buf, len));
- if (ret == 0) {
- len = 0;
- break;
- }
- len += ret;
- }
- WOLFSSL_LEAVE("wolfssl_i2d_asn1_items", len);
- return len;
- }
- /* Encode sequence and items under it.
- *
- * @param [in] src ASN1 items to encode.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @param [in] tpl Template of ASN1 items.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- static int i2d_ASN_SEQUENCE(const void* src, byte* buf,
- const WOLFSSL_ASN1_ITEM* tpl)
- {
- word32 seq_len;
- word32 len = 0;
- seq_len = (word32)wolfssl_i2d_asn1_items(src, NULL, tpl->members,
- tpl->mcount);
- if (seq_len != 0) {
- len = SetSequence(seq_len, buf);
- if (buf != NULL) {
- wolfssl_i2d_asn1_items(src, buf + len, tpl->members, tpl->mcount);
- }
- len += seq_len;
- }
- return (int)len;
- }
- /* Encode ASN1 template item.
- *
- * @param [in] src ASN1 items to encode.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @param [in] tpl Template of ASN1 items.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- static int wolfssl_asn1_item_encode(const void* src, byte* buf,
- const WOLFSSL_ASN1_ITEM* tpl)
- {
- int len;
- switch (tpl->type) {
- case ASN_SEQUENCE:
- len = i2d_ASN_SEQUENCE(src, buf, tpl);
- break;
- default:
- WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_i2d");
- len = 0;
- }
- return len;
- }
- /* Encode ASN1 template.
- *
- * @param [in] src ASN1 items to encode.
- * @param [in, out] dest Pointer to buffer to encode into. May be NULL.
- * @param [in] tpl Template of ASN1 items.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- int wolfSSL_ASN1_item_i2d(const void* src, byte** dest,
- const WOLFSSL_ASN1_ITEM* tpl)
- {
- int ret = 1;
- int len = 0;
- byte* buf = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_item_i2d");
- /* Validate parameters. */
- if ((src == NULL) || (tpl == NULL)) {
- ret = 0;
- }
- if ((ret == 1) && ((len = wolfssl_asn1_item_encode(src, NULL, tpl)) == 0)) {
- ret = 0;
- }
- if ((ret == 1) && (dest != NULL)) {
- if (*dest == NULL) {
- buf = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_ASN1);
- if (buf == NULL)
- ret = 0;
- *dest = buf;
- }
- if (ret == 1) {
- len = wolfssl_asn1_item_encode(src, *dest, tpl);
- }
- }
- if (ret == 0) {
- XFREE(buf, NULL, DYNAMIC_TYPE_ASN1);
- len = 0;
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_item_i2d", len);
- return len;
- }
- #endif /* OPENSSL_ALL */
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_BIT_STRING APIs
- ******************************************************************************/
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /* Create a new ASN.1 BIT_STRING object.
- *
- * @return ASN.1 BIT_STRING object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_BIT_STRING* wolfSSL_ASN1_BIT_STRING_new(void)
- {
- WOLFSSL_ASN1_BIT_STRING* bitStr;
- bitStr = (WOLFSSL_ASN1_BIT_STRING*)XMALLOC(sizeof(WOLFSSL_ASN1_BIT_STRING),
- NULL, DYNAMIC_TYPE_OPENSSL);
- if (bitStr) {
- XMEMSET(bitStr, 0, sizeof(WOLFSSL_ASN1_BIT_STRING));
- }
- return bitStr;
- }
- /* Dispose of ASN.1 BIT_STRING object.
- *
- * Do not use bitStr after calling this function.
- *
- * @param [in, out] bitStr ASN.1 BIT_STRING to free. May be NULL.
- */
- void wolfSSL_ASN1_BIT_STRING_free(WOLFSSL_ASN1_BIT_STRING* bitStr)
- {
- if (bitStr != NULL) {
- /* Dispose of any data allocated in BIT_STRING. */
- XFREE(bitStr->data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Dispose of the ASN.1 BIT_STRING object. */
- XFREE(bitStr, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Get the value of the bit from the ASN.1 BIT_STRING at specified index.
- *
- * A NULL object a value of 0 for the bit at all indices.
- * A negative index has a value of 0 for the bit.
- *
- * @param [in] bitStr ASN.1 BIT_STRING object.
- * @param [in] i Index of bit.
- * @return Value of bit.
- */
- int wolfSSL_ASN1_BIT_STRING_get_bit(const WOLFSSL_ASN1_BIT_STRING* bitStr,
- int i)
- {
- int bit = 0;
- /* Check for data and whether index is in range. */
- if ((bitStr != NULL) && (bitStr->data != NULL) && (i >= 0) &&
- (bitStr->length > (i / 8))) {
- bit = (bitStr->data[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
- }
- return bit;
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- #if defined(OPENSSL_ALL) && !defined(NO_CERTS)
- /* Grow data to require length.
- *
- * @param [in] bitStr ASN.1 BIT_STRING object.
- * @param [in] len Length, in bytes, of data required.
- * @return 1 on success.
- * @return 0 when dynamic memory allocation fails.
- */
- static int wolfssl_asn1_bit_string_grow(WOLFSSL_ASN1_BIT_STRING* bitStr,
- int len)
- {
- int ret = 1;
- byte* tmp;
- /* Realloc to length required. */
- tmp = (byte*)XREALLOC(bitStr->data, (size_t)len, NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (tmp == NULL) {
- ret = 0;
- }
- else {
- /* Clear out new, top bytes. */
- XMEMSET(tmp + bitStr->length, 0, (size_t)(len - bitStr->length));
- bitStr->data = tmp;
- bitStr->length = len;
- }
- return ret;
- }
- /* Set the value of a bit in the ASN.1 BIT_STRING at specified index.
- *
- * @param [in] bitStr ASN.1 BIT_STRING object.
- * @param [in] idx Index of bit to set.
- * @param [in] val Value of bit to set. Valid values: 0 or 1.
- * @return 1 on success.
- * @return 0 when bitStr is NULL, idx is negative, val is not 0 or 1, or
- * dynamic memory allocation fails.
- */
- int wolfSSL_ASN1_BIT_STRING_set_bit(WOLFSSL_ASN1_BIT_STRING* bitStr, int idx,
- int val)
- {
- int ret = 1;
- int i = 0;
- /* Validate parameters. */
- if ((bitStr == NULL) || (idx < 0) || ((val != 0) && (val != 1))) {
- ret = 0;
- }
- if (ret == 1) {
- i = idx / 8;
- /* Check if we need to extend data range. */
- if ((i >= bitStr->length) && (val != 0)) {
- /* Realloc data to handle having bit set at index. */
- ret = wolfssl_asn1_bit_string_grow(bitStr, i + 1);
- }
- }
- if ((ret == 1) && (i < bitStr->length)) {
- /* Bit on at index. */
- byte bit = 1 << (7 - (idx % 8));
- /* Clear bit and set to value. */
- bitStr->data[i] &= ~bit;
- bitStr->data[i] |= bit & (byte)(0 - val);
- }
- return ret;
- }
- #endif /* OPENSSL_ALL && !NO_CERTS */
- /*******************************************************************************
- * ASN1_INTEGER APIs
- ******************************************************************************/
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /* Create a new empty ASN.1 INTEGER object.
- *
- * @return ASN.1 INTEGER object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_new(void)
- {
- WOLFSSL_ASN1_INTEGER* a;
- /* Allocate a new ASN.1 INTEGER object. */
- a = (WOLFSSL_ASN1_INTEGER*)XMALLOC(sizeof(WOLFSSL_ASN1_INTEGER), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (a != NULL) {
- XMEMSET(a, 0, sizeof(WOLFSSL_ASN1_INTEGER));
- /* Use fixed buffer field for data. */
- a->data = a->intData;
- a->isDynamic = 0;
- /* Maximum supported by fixed buffer. */
- a->dataMax = WOLFSSL_ASN1_INTEGER_MAX;
- /* No value set - no data. */
- a->length = 0;
- }
- return a;
- }
- /* Free the ASN.1 INTEGER object and any dynamically allocated data.
- *
- * @param [in, out] in ASN.1 INTEGER object.
- */
- void wolfSSL_ASN1_INTEGER_free(WOLFSSL_ASN1_INTEGER* in)
- {
- if ((in != NULL) && (in->isDynamic)) {
- /* Dispose of any data allocated in INTEGER. */
- XFREE(in->data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Dispose of the ASN.1 INTEGER object. */
- XFREE(in, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- #if defined(OPENSSL_EXTRA)
- /* Reset the data of ASN.1 INTEGER object back to empty fixed array.
- *
- * @param [in] a ASN.1 INTEGER object.
- */
- static void wolfssl_asn1_integer_reset_data(WOLFSSL_ASN1_INTEGER* a)
- {
- /* Don't use dynamic buffer anymore. */
- if (a->isDynamic) {
- /* Cache pointer to allocated data. */
- unsigned char* data = a->data;
- /* No longer dynamic. */
- a->isDynamic = 0;
- /* Point data at fixed array. */
- a->data = a->intData;
- /* Set maximum length to fixed array size. */
- a->dataMax = (unsigned int)sizeof(a->intData);
- /* Dispose of dynamically allocated data. */
- XFREE(data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Clear out data from fixed array. */
- XMEMSET(a->intData, 0, sizeof(a->intData));
- /* No data, no length. */
- a->length = 0;
- /* No data, not negative. */
- a->negative = 0;
- /* Set type to positive INTEGER. */
- a->type = V_ASN1_INTEGER;
- }
- #endif /* OPENSSL_EXTRA */
- /* Setup ASN.1 INTEGER object to handle data of required length.
- *
- * @param [in, out] a ASN.1 INTEGER object.
- * @param [in] len Required length in bytes.
- * @return 1 on success.
- * @return 0 on dynamic memory allocation failure.
- */
- static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len,
- int keepOldData)
- {
- int ret = 1;
- byte* data;
- byte* oldData = a->intData;
- int oldLen = a->length;
- if (a->isDynamic && (len > (int)a->dataMax)) {
- oldData = a->data;
- a->isDynamic = 0;
- a->data = a->intData;
- a->dataMax = (unsigned int)sizeof(a->intData);
- }
- a->length = 0;
- if ((!a->isDynamic) && (len > (int)a->dataMax)) {
- /* Create a new buffer to hold large integer value. */
- data = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_OPENSSL);
- if (data == NULL) {
- ret = 0;
- }
- else {
- /* Indicate data is dynamic and copy data over. */
- a->isDynamic = 1;
- a->data = data;
- a->dataMax = (word32)len;
- }
- }
- if (keepOldData) {
- if (oldData != a->data) {
- /* Copy old data into new buffer. */
- XMEMCPY(a->data, oldData, (size_t)oldLen);
- }
- /* Restore old length. */
- a->length = oldLen;
- }
- if (oldData != a->intData) {
- /* Dispose of the old dynamic data. */
- XFREE(oldData, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- return ret;
- }
- /* Duplicate the ASN.1 INTEGER object into a newly allocated one.
- *
- * @param [in] src ASN.1 INTEGER object to copy.
- * @return ASN.1 INTEGER object on success.
- * @return NULL when src is NULL or dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src)
- {
- WOLFSSL_ASN1_INTEGER* dup = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_dup");
- /* Check for object to duplicate. */
- if (src != NULL) {
- /* Create a new ASN.1 INTEGER object to be copied into. */
- dup = wolfSSL_ASN1_INTEGER_new();
- }
- /* Check for object to copy into. */
- if (dup != NULL) {
- /* Copy simple fields. */
- dup->length = src->length;
- dup->negative = src->negative;
- dup->type = src->type;
- if (!src->isDynamic) {
- /* Copy over data from/to fixed buffer. */
- XMEMCPY(dup->intData, src->intData, WOLFSSL_ASN1_INTEGER_MAX);
- }
- else if (wolfssl_asn1_integer_require_len(dup, src->length, 0) == 0) {
- wolfSSL_ASN1_INTEGER_free(dup);
- dup = NULL;
- }
- else {
- XMEMCPY(dup->data, src->data, (size_t)src->length);
- }
- }
- return dup;
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- #if defined(OPENSSL_EXTRA)
- /* Compare values in two ASN.1 INTEGER objects.
- *
- * @param [in] a First ASN.1 INTEGER object.
- * @param [in] b Second ASN.1 INTEGER object.
- * @return Negative value when a is less than b.
- * @return 0 when a equals b.
- * @return Positive value when a is greater than b.
- * @return -1 when a or b is NULL.
- */
- int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
- const WOLFSSL_ASN1_INTEGER* b)
- {
- int ret = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_cmp");
- /* Validate parameters. */
- if ((a == NULL) || (b == NULL)) {
- WOLFSSL_MSG("Bad parameter.");
- ret = -1;
- }
- /* Negative value < Positive value */
- else if (a->negative && !b->negative) {
- ret = -1;
- }
- /* Positive value > Negative value */
- else if (!a->negative && b->negative) {
- ret = 1;
- }
- else {
- /* Check for difference in length. */
- if (a->length != b->length) {
- ret = a->length - b->length;
- }
- else {
- /* Compare data given they are the same length. */
- ret = XMEMCMP(a->data, b->data, (size_t)a->length);
- }
- /* Reverse comparison result when both negative. */
- if (a->negative) {
- ret = -ret;
- }
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_INTEGER_cmp", ret);
- return ret;
- }
- /* Calculate 2's complement of DER encoding.
- *
- * @param [in] data Array that is number.
- * @param [in] length Number of bytes in array.
- * @return 0 on success.
- * @return -1 when get length from DER header failed.
- */
- static void wolfssl_twos_compl(byte* data, int length)
- {
- int i;
- /* Invert bits - 1's complement. */
- for (i = 0; i < length; ++i) {
- data[i] = ~data[i];
- }
- /* 2's complement - add 1. */
- for (i = length - 1; (++data[i]) == 0; --i) {
- /* Do nothing. */
- }
- }
- /* Calculate 2's complement of DER encoding.
- *
- * @param [in] data Array that is number.
- * @param [in] length Number of bytes in array.
- * @param [out] neg When NULL, 2's complement data.
- * When not NULL, check for negative first and return.
- * @return 0 on success.
- * @return -1 when get length from DER header failed.
- */
- static int wolfssl_asn1_int_twos_compl(byte* data, int length, byte* neg)
- {
- int ret = 0;
- word32 idx = 1; /* Skip tag. */
- int len;
- /* Get length from DER header. */
- if (GetLength(data, &idx, &len, (word32)length) < 0) {
- ret = -1;
- }
- else {
- if (neg != NULL) {
- *neg = data[idx] & 0x80;
- }
- if ((neg == NULL) || (*neg != 0)) {
- wolfssl_twos_compl(data + idx, length - (int)idx);
- }
- }
- return ret;
- }
- /* Encode ASN.1 INTEGER as DER without tag.
- *
- * When out points to NULL, a new buffer is allocated and returned.
- *
- * @param [in] a ASN.1 INTEGER object.
- * @param [in, out] out Pointer to buffer to hold encoding. May point to NULL.
- * @return Length of encoding on success.
- * @return -1 when a is NULL or no data, out is NULL, dynamic memory allocation
- * fails or encoding length fails.
- */
- int wolfSSL_i2d_ASN1_INTEGER(const WOLFSSL_ASN1_INTEGER* a, unsigned char** out)
- {
- int ret = 0;
- byte* buf = NULL;
- WOLFSSL_ENTER("wolfSSL_i2d_ASN1_INTEGER");
- /* Validate parameters. */
- if ((a == NULL) || (a->data == NULL) || (a->length <= 0) || (out == NULL)) {
- WOLFSSL_MSG("Bad parameter.");
- ret = -1;
- }
- if ((ret == 0) && (*out == NULL)) {
- /* Allocate buffer to hold encoding. */
- buf = (unsigned char*)XMALLOC((size_t)a->length, NULL,
- DYNAMIC_TYPE_ASN1);
- if (buf == NULL) {
- WOLFSSL_MSG("Failed to allocate output buffer.");
- ret = -1;
- }
- /* Return any allocated buffer. */
- *out = buf;
- }
- if (ret == 0) {
- /* Copy the data (including tag and length) into output buffer. */
- XMEMCPY(*out, a->data, (size_t)a->length);
- /* Only magnitude of the number stored (i.e. the sign isn't encoded).
- * The "negative" field is 1 if the value must be interpreted as
- * negative and we need to output the 2's complement of the value in
- * the DER output.
- */
- if (a->negative) {
- ret = wolfssl_asn1_int_twos_compl(*out, a->length, NULL);
- }
- }
- if (ret == 0) {
- ret = a->length;
- /* Move pointer on passed encoding when buffer passed in. */
- if (buf == NULL) {
- *out += a->length;
- }
- }
- /* Dispose of any dynamically allocated data on error. */
- else if (buf != NULL) {
- /* Dispose of buffer allocated locally on error. */
- XFREE(buf, NULL, DYNAMIC_TYPE_ASN1);
- /* Don't return freed buffer. */
- *out = NULL;
- }
- WOLFSSL_LEAVE("wolfSSL_i2d_ASN1_INTEGER", ret);
- return ret;
- }
- /* Decode DER encoding of ASN.1 INTEGER.
- *
- * @param [out] a ASN.1 INTEGER object. May be NULL.
- * @param [in, out] in Pointer to buffer containing DER encoding.
- * @param [in] inSz Length of data in buffer.
- * @return ASN.1 INTEGER object on success.
- * @return NULL when in or *in is NULL, inSz is less than or equal to 2 or
- * parsing DER failed.
- */
- WOLFSSL_ASN1_INTEGER* wolfSSL_d2i_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER** a,
- const unsigned char** in, long inSz)
- {
- WOLFSSL_ASN1_INTEGER* ret = NULL;
- int err = 0;
- word32 idx = 1;
- int len = 0;
- WOLFSSL_ENTER("wolfSSL_d2i_ASN1_INTEGER");
- /* Validate parameters. */
- if ((in == NULL) || (*in == NULL) || (inSz <= 2)) {
- WOLFSSL_MSG("Bad parameter");
- err = 1;
- }
- /* Check that the tag is correct. */
- if ((!err) && (*in)[0] != ASN_INTEGER) {
- WOLFSSL_MSG("Tag doesn't indicate integer type.");
- err = 1;
- }
- /* Check that length and use this instead of inSz. */
- if ((!err) && (GetLength(*in, &idx, &len, (word32)inSz) <= 0)) {
- WOLFSSL_MSG("ASN.1 length not valid.");
- err = 1;
- }
- /* Allocate a new ASN.1 INTEGER object. */
- if ((!err) && ((ret = wolfSSL_ASN1_INTEGER_new()) == NULL)) {
- err = 1;
- }
- if ((!err) && (wolfssl_asn1_integer_require_len(ret, (int)idx + len, 0) !=
- 1)) {
- err = 1;
- }
- if (!err) {
- /* Set type. */
- ret->type = V_ASN1_INTEGER;
- /* Copy DER encoding and length. */
- XMEMCPY(ret->data, *in, (size_t)(idx + (word32)len));
- ret->length = (int)idx + len;
- /* Do 2's complement if number is negative. */
- if (wolfssl_asn1_int_twos_compl(ret->data, ret->length, &ret->negative)
- != 0) {
- err = 1;
- }
- }
- if ((!err) && ret->negative) {
- /* Update type if number was negative. */
- ret->type |= V_ASN1_NEG_INTEGER;
- }
- if (err) {
- /* Dispose of dynamically allocated data on error. */
- wolfSSL_ASN1_INTEGER_free(ret);
- ret = NULL;
- }
- else {
- if (a != NULL) {
- /* Return ASN.1 INTEGER through a. */
- *a = ret;
- }
- *in += ret->length;
- }
- return ret;
- }
- #ifndef NO_BIO
- /* Get length of leading hexadecimal characters.
- *
- * Looks for continuation character before carriage returns and line feeds.
- *
- * @param [in] str String with input.
- * @param [in] len Length of string.
- * @param [out] cont Line continuation character at end of line before
- * carriage returns and line feeds.
- * @return Number of leading hexadecimal characters in string.
- */
- static int wolfssl_a2i_asn1_integer_clear_to_eol(char* str, int len, int* cont)
- {
- byte num;
- word32 nLen;
- int i;
- /* Strip off trailing carriage returns and line feeds. */
- while ((len > 0) && ((str[len - 1] == '\n') || (str[len - 1] == '\r'))) {
- len--;
- }
- /* Check for line continuation character. */
- if ((len > 0) && (str[len - 1] == '\\')) {
- *cont = 1;
- len--;
- }
- else {
- *cont = 0;
- }
- /* Find end of hexadecimal characters. */
- nLen = 1;
- for (i = 0; i < len; i++) {
- /* Check if character is a hexadecimal character. */
- if (Base16_Decode((const byte*)str + i, 1, &num, &nLen) == ASN_INPUT_E)
- {
- /* Found end of hexadecimal characters, return count. */
- len = i;
- break;
- }
- }
- return len;
- }
- /* Read number from BIO as a string.
- *
- * Line continuation character at end of line means next line must be read.
- *
- * @param [in] bio BIO to read from.
- * @param [in] asn1 ASN.1 INTEGER object to put number into.
- * @param [in, out] buf Buffer to use when reading.
- * @param [in] size Length of buffer in bytes.
- * @return 1 on success.
- * @return 0 on failure.
- */
- int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
- char *buf, int size)
- {
- int ret = 1;
- int readNextLine = 1;
- int len;
- word32 outLen = 0;
- const int hdrSz = 1 + MAX_LENGTH_SZ;
- WOLFSSL_ENTER("wolfSSL_a2i_ASN1_INTEGER");
- if ((bio == NULL) || (asn1 == NULL) || (buf == NULL) || (size <= 0)) {
- WOLFSSL_MSG("Bad parameter");
- ret = 0;
- }
- while ((ret == 1) && readNextLine) {
- int lineLen;
- /* Assume we won't be reading any more. */
- readNextLine = 0;
- /* Read a line. */
- lineLen = wolfSSL_BIO_gets(bio, buf, size);
- if (lineLen <= 0) {
- WOLFSSL_MSG("wolfSSL_BIO_gets error");
- ret = 0;
- }
- if (ret == 1) {
- /* Find length of hexadecimal digits in string. */
- lineLen = wolfssl_a2i_asn1_integer_clear_to_eol(buf, lineLen,
- &readNextLine);
- /* Check we have a valid hexadecimal string to process. */
- if ((lineLen == 0) || ((lineLen % 2) != 0)) {
- WOLFSSL_MSG("Invalid line length");
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Calculate length of complete number so far. */
- len = asn1->length + (lineLen / 2);
- /* Make sure enough space for number and maximum header. */
- if (wolfssl_asn1_integer_require_len(asn1, len + hdrSz, outLen != 0)
- != 1) {
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Decode string and append to data. */
- outLen = (word32)(lineLen / 2);
- (void)Base16_Decode((byte*)buf, (word32)lineLen,
- asn1->data + asn1->length, &outLen);
- /* Update length of data. */
- asn1->length += (int)outLen;
- }
- }
- if (ret == 1) {
- int idx;
- /* Get ASN.1 header length. */
- idx = SetASNInt(asn1->length, asn1->data[0], NULL);
- /* Move data to be after ASN.1 header. */
- XMEMMOVE(asn1->data + idx, asn1->data, (size_t)asn1->length);
- /* Encode ASN.1 header. */
- SetASNInt(asn1->length, asn1->data[idx], asn1->data);
- /* Update length of data. */
- asn1->length += idx;
- }
- return ret;
- }
- /* Write out number in ASN.1 INTEGER object to BIO as string.
- *
- * @param [in] bp BIO to write to.
- * @param [in] a ASN.1 INTEGER object.
- * @return Number of characters written on success.
- * @return 0 when bp or a is NULL.
- * @return 0 DER header in data is invalid.
- */
- int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
- {
- int err = 0;
- word32 idx = 1; /* Skip ASN.1 INTEGER tag byte. */
- int len = 0;
- byte buf[WOLFSSL_ASN1_INTEGER_MAX * 2 + 1];
- word32 bufLen;
- WOLFSSL_ENTER("wolfSSL_i2a_ASN1_INTEGER");
- /* Validate parameters. */
- if ((bp == NULL) || (a == NULL)) {
- err = 1;
- }
- if (!err) {
- /* Read DER length - must be at least 1 byte. */
- if (GetLength(a->data, &idx, &len, (word32)a->length) <= 0) {
- err = 1;
- }
- }
- /* Keep encoding and writing while no error and bytes in data. */
- while ((!err) && (idx < (word32)a->length)) {
- /* Number of bytes left to encode. */
- int encLen = a->length - (int)idx;
- /* Reduce to maximum buffer size if necessary. */
- if (encLen > (int)sizeof(buf) / 2) {
- encLen = (int)sizeof(buf) / 2;
- }
- /* Encode bytes from data into buffer. */
- bufLen = (int)sizeof(buf);
- (void)Base16_Encode(a->data + idx, (word32)encLen, buf, &bufLen);
- /* Update index to next bytes to encoded. */
- idx += (word32)encLen;
- /* Write out characters but not NUL char. */
- if (wolfSSL_BIO_write(bp, buf, (int)bufLen - 1) != (int)(bufLen - 1)) {
- err = 1;
- }
- }
- if (err) {
- /* Return 0 on error. */
- len = 0;
- }
- /* Return total number of characters written. */
- return len * 2;
- }
- #endif /* !NO_BIO */
- #ifndef NO_ASN
- /* Determine if a pad byte is required and its value for a number.
- *
- * Assumes values pointed to by pad and padVal are both 0.
- *
- * @param [in] data Number encoded as big-endian bytes.
- * @param [in] len Length of number in bytes.
- * @param [in, out] neg Indicates number is negative.
- * @param [out] pad Number of padding bytes required.
- * @param [out] padVal Padding byte to prepend.
- */
- static void wolfssl_asn1_integer_pad(unsigned char* data, int len,
- unsigned char* neg, char* pad, unsigned char* padVal)
- {
- /* Check for empty data. */
- if (len == 0) {
- *pad = 1;
- *padVal = 0x00;
- *neg = 0;
- }
- else {
- /* Get first, most significant, byte of encoded number. */
- unsigned char firstByte = data[0];
- /* 0 can't be negative. */
- if ((len == 1) && (firstByte == 0x00)) {
- *neg = 0;
- }
- /* Positive value must not have top bit of first byte set. */
- if ((!*neg) && (firstByte >= 0x80)) {
- *pad = 1;
- *padVal = 0x00;
- }
- /* Negative numbers are two's complemented.
- * Two's complement value must have top bit set.
- */
- else if (*neg && (firstByte > 0x80)) {
- *pad = 1;
- *padVal = 0xff;
- }
- /* Checking for: 0x80[00]*
- * when negative that when two's complemented will be: 0x80[00]*
- * and therefore doesn't require pad byte.
- */
- else if (*neg && (firstByte == 0x80)) {
- int i;
- /* Check rest of bytes. */
- for (i = 1; i < len; i++) {
- if (data[i] != 0x00) {
- /* Not 0x80[00]* */
- *pad = 1;
- *padVal = 0xff;
- break;
- }
- }
- }
- }
- }
- /* Convert ASN.1 INTEGER object into content octets.
- *
- * TODO: compatibility with OpenSSL? OpenSSL assumes data not DER encoded.
- *
- * When pp points to a buffer, on success pp will point to after the encoded
- * data.
- *
- * @param [in] a ASN.1 INTEGER object.
- * @param [in, out] pp Pointer to buffer. May be NULL. Cannot point to NULL.
- * @return Length of encoding on success.
- * @return 0 when a is NULL, pp points to NULL or DER length encoding invalid.
- */
- int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp)
- {
- int err = 0;
- int len = 0;
- char pad = 0;
- unsigned char padVal = 0;
- word32 idx = 1;
- WOLFSSL_ENTER("wolfSSL_i2c_ASN1_INTEGER");
- /* Validate parameters. */
- if ((a == NULL) || ((pp != NULL) && (*pp == NULL))) {
- err = 1;
- }
- /* Get length from DER encoding. */
- if ((!err) && (GetLength_ex(a->data, &idx, &len, a->dataMax, 0) < 0)) {
- err = 1;
- }
- if (!err) {
- /* Determine pad length and value. */
- wolfssl_asn1_integer_pad(a->data + idx, len, &a->negative, &pad,
- &padVal);
- /* Total encoded length is number length plus one when padding. */
- len += (int)pad;
- }
- /* Check buffer supplied to write into. */
- if ((!err) && (pp != NULL)) {
- /* Put in any pad byte. */
- if (pad) {
- (*pp)[0] = padVal;
- }
- /* Copy remaining bytes into output buffer. */
- XMEMCPY(*pp + pad, a->data + idx, (size_t)(len - pad));
- /* Two's complement copied bytes when negative. */
- if (a->negative) {
- wolfssl_twos_compl(*pp + pad, len - pad);
- }
- /* Move pointer past encoded data. */
- *pp += len;
- }
- return len;
- }
- /* Make a big number with the value in the ASN.1 INTEGER object.
- *
- * A new big number object is allocated when bn is NULL.
- *
- * @param [in] ai ASN.1 INTEGER object.
- * @param [in] bn Big number object. May be NULL.
- * @return Big number object on success.
- * @return NULL when ai is NULL or converting from binary fails.
- */
- WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
- WOLFSSL_BIGNUM *bn)
- {
- int err = 0;
- word32 idx = 1;
- int len = 0;
- WOLFSSL_BIGNUM* ret = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_to_BN");
- /* Validate parameters. */
- if (ai == NULL) {
- err = 1;
- }
- if (!err) {
- /* Get the length of ASN.1 INTEGER number. */
- if ((ai->data[0] != ASN_INTEGER) || (GetLength(ai->data, &idx, &len,
- (word32)ai->length) <= 0)) {
- #if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY)
- idx = 0;
- len = ai->length;
- #else
- WOLFSSL_MSG("Data in WOLFSSL_ASN1_INTEGER not DER encoded");
- err = 1;
- #endif
- }
- }
- if (!err) {
- /* Convert binary to big number. */
- ret = wolfSSL_BN_bin2bn(ai->data + idx, len, bn);
- if (ret != NULL) {
- /* Handle negative. */
- (void)wolfssl_bn_set_neg(ret, ai->negative);
- }
- }
- return ret;
- }
- #endif /* !NO_ASN */
- /* Create an ASN.1 INTEGER object from big number.
- *
- * Allocates a new ASN.1 INTEGER object when ai is NULL.
- *
- * @param [in] bn Big number to encode.
- * @param [in] ai ASN.1 INTEGER object. May be NULL.
- * @return ASN.1 INTEGER object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_INTEGER* wolfSSL_BN_to_ASN1_INTEGER(const WOLFSSL_BIGNUM *bn,
- WOLFSSL_ASN1_INTEGER *ai)
- {
- int err = 0;
- WOLFSSL_ASN1_INTEGER* a = NULL;
- int len = 0;
- int numBits = 0;
- byte firstByte = 0;
- WOLFSSL_ENTER("wolfSSL_BN_to_ASN1_INTEGER");
- /* Validate parameters. */
- if (bn == NULL) {
- err = 1;
- }
- /* Use ASN.1 INTEGER object if provided. */
- else if (ai != NULL) {
- a = ai;
- }
- /* Create an ASN.1 INTEGER object to return. */
- else {
- a = wolfSSL_ASN1_INTEGER_new();
- if (a == NULL) {
- err = 1;
- }
- }
- /* Check we have an ASN.1 INTEGER object to set. */
- if (!err) {
- int length;
- /* Set type and negative. */
- a->type = V_ASN1_INTEGER;
- if (wolfSSL_BN_is_negative(bn) && !wolfSSL_BN_is_zero(bn)) {
- a->negative = 1;
- a->type |= V_ASN1_NEG_INTEGER;
- }
- /* Get length in bytes of encoded number. */
- len = wolfSSL_BN_num_bytes(bn);
- if (len == 0) {
- len = 1;
- }
- /* Get length in bits of encoded number. */
- numBits = wolfSSL_BN_num_bits(bn);
- /* Leading zero required if most-significant byte has top bit set. */
- if ((numBits > 0) && (numBits % 8) == 0) {
- firstByte = 0x80;
- }
- /* Get length of header based on length of number. */
- length = SetASNInt(len, firstByte, NULL);
- /* Add number of bytes to encode number. */
- length += len;
- /* Update data field to handle length. */
- if (wolfssl_asn1_integer_require_len(a, length, 0) != 1) {
- err = 1;
- }
- }
- if (!err) {
- /* Write ASN.1 header. */
- int idx = SetASNInt(len, firstByte, a->data);
- /* Populate data. */
- if (numBits == 0) {
- a->data[idx] = 0;
- }
- else {
- /* Add encoded number. */
- len = wolfSSL_BN_bn2bin(bn, a->data + idx);
- if (len < 0) {
- err = 1;
- }
- }
- /* Set length to encoded length. */
- a->length = idx + len;
- }
- if (err) {
- /* Can't use ASN.1 INTEGER object. */
- if (a != ai) {
- wolfSSL_ASN1_INTEGER_free(a);
- }
- a = NULL;
- }
- return a;
- }
- /* Get the value of the ASN.1 INTEGER as a long.
- *
- * Returning 0 on NULL and -1 on error is consistent with OpenSSL.
- *
- * @param [in] a ASN.1 INTEGER object.
- * @return Value as a long.
- * @return 0 when a is NULL.
- * @return -1 when a big number operation fails.
- */
- long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* a)
- {
- long ret = 1;
- WOLFSSL_BIGNUM* bn = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_get");
- /* Validate parameter. */
- if (a == NULL) {
- ret = 0;
- }
- if (ret > 0) {
- /* Create a big number from the DER encoding. */
- bn = wolfSSL_ASN1_INTEGER_to_BN(a, NULL);
- if (bn == NULL) {
- ret = -1;
- }
- }
- if (ret > 0) {
- /* Get the big number as a word. */
- ret = (long)wolfSSL_BN_get_word(bn);
- /* Negate number of ASN.1 INTEGER was negative. */
- if (a->negative == 1) {
- ret = -ret;
- }
- }
- /* Dispose of big number as no longer needed. */
- if (bn != NULL) {
- wolfSSL_BN_free(bn);
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_INTEGER_get", (int)ret);
- return ret;
- }
- /* Sets the value of the ASN.1 INTEGER object to the long value.
- *
- * @param [in, out] a ASN.1 INTEGER object.
- * @param [in] v Value to set.
- * @return 1 on success.
- * @return 0 when a is NULL.
- */
- int wolfSSL_ASN1_INTEGER_set(WOLFSSL_ASN1_INTEGER *a, long v)
- {
- int ret = 1;
- /* Validate parameters. */
- if (a == NULL) {
- ret = 0;
- }
- if (ret == 1) {
- byte j;
- unsigned int i = 0;
- byte tmp[sizeof(long)];
- byte pad = 0;
- wolfssl_asn1_integer_reset_data(a);
- /* Check for negative. */
- if (v < 0) {
- /* Set negative and 2's complement the value. */
- a->negative = 1;
- a->type |= V_ASN1_NEG;
- v = -v;
- }
- /* Put value into temporary buffer - at least one byte encoded. */
- tmp[0] = (byte)(v & 0xff);
- v >>= 8;
- for (j = 1; j < (byte)sizeof(long); j++) {
- if (v == 0) {
- break;
- }
- tmp[j] = (byte)(v & 0xff);
- v >>= 8;
- }
- /* Pad with 0x00 to indicate positive number when top bit set. */
- if ((!a->negative) && (tmp[j-1] & 0x80)) {
- pad = 1;
- }
- /* Set tag. */
- a->data[i++] = ASN_INTEGER;
- /* Set length of encoded value. */
- a->data[i++] = pad + j;
- /* Set length of DER encoding. +2 for tag and length */
- a->length = 2 + pad + j;
- /* Add pad byte if required. */
- if (pad == 1) {
- a->data[i++] = 0;
- }
- /* Copy in data. */
- for (; j > 0; j--) {
- a->data[i++] = tmp[j-1];
- }
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_OBJECT APIs
- ******************************************************************************/
- #if !defined(NO_ASN)
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Create a new ASN.1 OBJECT_ID object.
- *
- * @return ASN.1 OBJECT_ID object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void)
- {
- WOLFSSL_ASN1_OBJECT* obj;
- /* Allocate memory for new ASN.1 OBJECT. */
- obj = (WOLFSSL_ASN1_OBJECT*)XMALLOC(sizeof(WOLFSSL_ASN1_OBJECT), NULL,
- DYNAMIC_TYPE_ASN1);
- if (obj != NULL) {
- XMEMSET(obj, 0, sizeof(WOLFSSL_ASN1_OBJECT));
- /* Setup pointers. */
- obj->d.ia5 = &(obj->d.ia5_internal);
- #if defined(OPENSSL_ALL)
- obj->d.iPAddress = &(obj->d.iPAddress_internal);
- #endif
- /* Object was allocated. */
- obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
- }
- return obj;
- }
- /* Dispose of any ASN.1 OBJECT_ID dynamically allocated data.
- *
- * Do not use obj after calling this function.
- *
- * @param [in, out] obj ASN.1 OBJECT_ID object.
- */
- void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj)
- {
- if (obj != NULL) {
- /* Check for dynamically allocated copy of encoded data. */
- if ((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) != 0) {
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_MSG("Freeing ASN1 data");
- #endif
- XFREE((void*)obj->obj, obj->heap, DYNAMIC_TYPE_ASN1);
- obj->obj = NULL;
- }
- #if defined(OPENSSL_EXTRA)
- /* Check for path length ASN.1 INTEGER - X.509 extension. */
- if (obj->pathlen != NULL) {
- wolfSSL_ASN1_INTEGER_free(obj->pathlen);
- obj->pathlen = NULL;
- }
- #endif
- /* Check whether object was dynamically allocated. */
- if ((obj->dynamic & WOLFSSL_ASN1_DYNAMIC) != 0) {
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_MSG("Freeing ASN1 OBJECT");
- #endif
- XFREE(obj, NULL, DYNAMIC_TYPE_ASN1);
- }
- }
- }
- /* Duplicate the ASN.1 OBJECT_ID object.
- *
- * @param [in] obj ASN.1 OBJECT_ID object to copy.
- * @return New ASN.1 OBJECT_ID object on success.
- * @return NULL when obj is NULL or dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj)
- {
- WOLFSSL_ASN1_OBJECT* dupl = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_OBJECT_dup");
- /* Validate parameter. */
- if (obj == NULL) {
- WOLFSSL_MSG("Bad parameter");
- }
- /* Create a new ASN.1 OBJECT_ID object to return. */
- else if ((dupl = wolfSSL_ASN1_OBJECT_new()) == NULL) {
- WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new error");
- }
- if (dupl != NULL) {
- /* Copy short name. */
- XMEMCPY(dupl->sName, obj->sName, WOLFSSL_MAX_SNAME);
- /* Copy simple fields. */
- dupl->type = obj->type;
- dupl->grp = obj->grp;
- dupl->nid = obj->nid;
- dupl->objSz = obj->objSz;
- #ifdef OPENSSL_EXTRA
- dupl->ca = obj->ca;
- #endif
- /* Check for encoding. */
- if (obj->obj) {
- /* Allocate memory for ASN.1 OBJECT_ID DER encoding. */
- dupl->obj = (const unsigned char*)XMALLOC(obj->objSz, NULL,
- DYNAMIC_TYPE_ASN1);
- if (dupl->obj == NULL) {
- WOLFSSL_MSG("ASN1 obj malloc error");
- wolfSSL_ASN1_OBJECT_free(dupl);
- dupl = NULL;
- }
- else {
- /* Encoding buffer was dynamically allocated. */
- dupl->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
- /* Copy DER encoding. */
- XMEMCPY((byte*)dupl->obj, obj->obj, obj->objSz);
- }
- }
- }
- return dupl;
- }
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #endif /* !NO_ASN */
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /**
- * Parse DER encoding and return header information.
- *
- * *in is moved to the value of the ASN1 object
- *
- * @param [in, out] in Pointer to BER encoded data.
- * @param [out] len Length of parsed ASN1 object
- * @param [out] tag Tag value of parsed ASN1 object
- * @param [out] cls Class of parsed ASN1 object
- * @param [in] inLen Length of *in buffer
- * @return int Depends on which bits are set in the returned int:
- * 0x80 an error occurred during parsing.
- * 0x20 parsed object is constructed.
- * 0x01 the parsed object length is indefinite.
- */
- int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag,
- int *cls, long inLen)
- {
- int err = 0;
- word32 inOutIdx = 0;
- int l = 0;
- byte t = 0;
- int ret = 0x80;
- WOLFSSL_ENTER("wolfSSL_ASN1_get_object");
- if ((in == NULL) || (*in == NULL) || (len == NULL) || (tag == NULL) ||
- (cls == NULL) || (inLen <= 0)) {
- WOLFSSL_MSG("Bad parameter");
- err = 1;
- }
- if (!err) {
- /* Length at least 1, parameters valid - cannot fail to get tag. */
- GetASNTag(*in, &inOutIdx, &t, (word32)inLen);
- /* Get length in DER encoding. */
- if (GetLength_ex(*in, &inOutIdx, &l, (word32)inLen, 0) < 0) {
- WOLFSSL_MSG("GetLength error");
- err = 1;
- }
- }
- if (!err) {
- /* Return header information. */
- *tag = t & ASN_TYPE_MASK; /* Tag number is 5 lsb */
- *cls = t & ASN_CLASS_MASK; /* Class is 2 msb */
- *len = l;
- ret = t & ASN_CONSTRUCTED;
- if (l > (int)(inLen - inOutIdx)) {
- /* Still return other values but indicate error in msb */
- ret |= 0x80;
- }
- /* Move pointer to after DER header. */
- *in += inOutIdx;
- }
- return ret;
- }
- /* Creates and ASN.1 OBJECT_ID object from DER encoding.
- *
- * @param [out] a Pointer to return new ASN.1 OBJECT_ID through.
- * @param [in, out] der Pointer to buffer holding DER encoding.
- * @param [in] length Length of DER encoding in bytes.
- * @return New ASN.1 OBJECT_ID object on success.
- * @return NULL when der or *der is NULL or length is less than or equal zero.
- * @return NULL when not an OBJECT_ID or decoding fails.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
- const unsigned char **der, long length)
- {
- WOLFSSL_ASN1_OBJECT* ret = NULL;
- int err = 0;
- const unsigned char *d;
- long len = 0;
- int tag = 0;
- int cls;
- WOLFSSL_ENTER("wolfSSL_d2i_ASN1_OBJECT");
- /* Validate parameters. */
- if ((der == NULL) || (*der == NULL) || (length <= 0)) {
- WOLFSSL_MSG("Bad parameter");
- err = 1;
- }
- if (!err) {
- /* Get pointer to be modified along the way. */
- d = *der;
- /* Move d to value and get length and tag. */
- if (wolfSSL_ASN1_get_object(&d, &len, &tag, &cls, length) & 0x80) {
- WOLFSSL_MSG("wolfSSL_ASN1_get_object error");
- err = 1;
- }
- }
- /* Check it DER encoding is of an OBJECT_ID. */
- if ((!err) && (tag != ASN_OBJECT_ID)) {
- WOLFSSL_MSG("Not an ASN object");
- err = 1;
- }
- /* Create an ASN.1 OBJECT_ID_object from value. TODO: not DER encoding? */
- if ((!err) && ((ret = wolfSSL_c2i_ASN1_OBJECT(a, &d, len)) != NULL)) {
- /* Update pointer to after decoded bytes. */
- *der = d;
- }
- return ret;
- }
- /* Write out DER encoding of ASN.1 OBJECT_ID.
- *
- * When pp is NULL, length is returned.
- * When pp points to NULL, a new buffer is allocated and returned through pp.
- * When pp points to a buffer, it is moved on past encoded data on success.
- *
- * @param [in] a ASN.1 OBJECT_ID object.
- * @param [in, out] pp Pointer to buffer to write to. May be NULL.
- * @return Length of encoding on success.
- * @return 0 when a or encoding buffer is NULL.
- * @return 0 when dynamic memory allocation fails.
- */
- int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp)
- {
- int len = 0;
- WOLFSSL_ENTER("wolfSSL_i2d_ASN1_OBJECT");
- /* Validate parameters */
- if ((a == NULL) || (a->obj == NULL)) {
- WOLFSSL_MSG("Bad parameters");
- }
- /* Only return length when no pointer supplied. */
- else if (pp == NULL) {
- len = (int)a->objSz;
- }
- else {
- byte *p = NULL;
- /* Check if we have a buffer to encode into. */
- if (*pp == NULL) {
- /* Allocate a new buffer to return. */
- p = (byte*)XMALLOC(a->objSz, NULL, DYNAMIC_TYPE_OPENSSL);
- if (p == NULL) {
- WOLFSSL_MSG("Bad malloc");
- }
- else {
- /* Return allocated buffer. */
- *pp = p;
- }
- }
- /* Check we have a buffer to encode into. */
- if (*pp != NULL) {
- /* Copy in DER encoding. */
- XMEMCPY(*pp, a->obj, a->objSz);
- /* Move on pointer if user supplied. */
- if (p == NULL) {
- *pp += a->objSz;
- }
- /* Return length of DER encoding. */
- len = (int)a->objSz;
- }
- }
- return len;
- }
- /* Create an ASN.1 OBJECT_ID object from the content octets.
- *
- * @param [out] a Pointer to return ASN.1 OBJECT_ID object.
- * @param [in, out] pp Pointer to buffer holding content octets.
- * @param [in] len Length of content octets in bytes.
- * @return New ASN.1 OBJECT_ID object on success.
- * @return NULL when pp or *pp is NULL or length is less than or equal zero.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
- const unsigned char **pp, long len)
- {
- int err = 0;
- WOLFSSL_ASN1_OBJECT* ret = NULL;
- WOLFSSL_ENTER("wolfSSL_c2i_ASN1_OBJECT");
- /* Validate parameters. */
- if ((pp == NULL) || (*pp == NULL) || (len <= 0)) {
- WOLFSSL_MSG("Bad parameter");
- err = 1;
- }
- /* Create a new ASN.1 OBJECT_ID object. */
- if ((!err) && ((ret = wolfSSL_ASN1_OBJECT_new()) == NULL)) {
- WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new error");
- err = 1;
- }
- if (!err) {
- /* Allocate memory for content octets. */
- ret->obj = (const unsigned char*)XMALLOC((size_t)len, NULL,
- DYNAMIC_TYPE_ASN1);
- if (ret->obj == NULL) {
- WOLFSSL_MSG("error allocating asn data memory");
- wolfSSL_ASN1_OBJECT_free(ret);
- ret = NULL;
- err = 1;
- }
- }
- if (!err) {
- /* Content octets buffer was dynamically allocated. */
- ret->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
- /* Copy in content octets and set size. */
- XMEMCPY((byte*)ret->obj, *pp, (size_t)len);
- ret->objSz = (unsigned int)len;
- /* Move pointer to after data copied out. */
- *pp += len;
- /* Return ASN.1 OBJECT_ID object through a if required. */
- if (a != NULL) {
- *a = ret;
- }
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- #ifdef OPENSSL_EXTRA
- /* Write at most buf_len bytes of textual representation of ASN.1 OBJECT_ID.
- *
- * @param [in, out] buf Buffer to write to.
- * @param [in] buf_len Length of buffer in bytes.
- * @param [in] a ASN.1 OBJECT_ID object.
- * @return Number of bytes written on success.
- * @return 0 on failure.
- */
- int wolfSSL_i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a)
- {
- WOLFSSL_ENTER("wolfSSL_i2t_ASN1_OBJECT");
- return wolfSSL_OBJ_obj2txt(buf, buf_len, a, 0);
- }
- #ifndef NO_BIO
- /* Write out the text encoding of the ASN.1 OBJECT_ID.
- *
- * @param [in] bp BIO to write to.
- * @param [in] a ASN.1 OBJECT_ID object.
- * @return Number of bytes written on success.
- * @return 0 on failure.
- */
- int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a)
- {
- int length = 0;
- int cLen = 0;
- word32 idx = 0;
- const char null_str[] = "NULL";
- const char invalid_str[] = "<INVALID>";
- char buf[80];
- WOLFSSL_ENTER("wolfSSL_i2a_ASN1_OBJECT");
- /* Validate parameters. */
- if (bp == NULL) {
- /* Do nothing. */
- }
- /* NULL object is written as "NULL". */
- else if (a == NULL) {
- /* Write "NULL" - as done in OpenSSL. */
- length = wolfSSL_BIO_write(bp, null_str, (int)XSTRLEN(null_str));
- }
- /* Try getting text version and write it out. */
- else if ((length = i2t_ASN1_OBJECT(buf, sizeof(buf), a)) > 0) {
- length = wolfSSL_BIO_write(bp, buf, length);
- }
- /* Look for DER header. */
- else if ((a->obj == NULL) || (a->obj[idx++] != ASN_OBJECT_ID)) {
- WOLFSSL_MSG("Bad ASN1 Object");
- }
- /* Get length from DER header. */
- else if (GetLength((const byte*)a->obj, &idx, &cLen, a->objSz) < 0) {
- length = 0;
- }
- else {
- /* Write out "<INVALID>" and dump content. */
- length = wolfSSL_BIO_write(bp, invalid_str, (int)XSTRLEN(invalid_str));
- length += wolfSSL_BIO_dump(bp, (const char*)(a->obj + idx), cLen);
- }
- return length;
- }
- #endif /* !NO_BIO */
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_SK_OBJECT APIs
- ******************************************************************************/
- #if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && !defined(NO_ASN)
- /* Create a new WOLFSSL_ASN1_OBJECT stack.
- *
- * @return New WOLFSSL_ASN1_OBJECT stack on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_STACK* wolfSSL_sk_new_asn1_obj(void)
- {
- WOLFSSL_ENTER("wolfSSL_sk_new_asn1_obj");
- return wolfssl_sk_new_type(STACK_TYPE_OBJ);
- }
- /* Dispose of WOLFSL_ASN1_OBJECT stack.
- *
- * @param [in, out] sk Stack to free nodes in.
- */
- void wolfSSL_sk_ASN1_OBJECT_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk)
- {
- /* Dispose of stack. */
- wolfSSL_sk_free(sk);
- }
- /* Dispose of all ASN.1 OBJECT_ID objects in ASN1_OBJECT stack.
- *
- * This is different then wolfSSL_ASN1_OBJECT_free in that it allows for
- * choosing the function to use when freeing an ASN1_OBJECT stack.
- *
- * @param [in, out] sk ASN.1 OBJECT_ID stack to free.
- * @param [in] f Free function to apply to each ASN.1 OBJECT_ID object.
- */
- void wolfSSL_sk_ASN1_OBJECT_pop_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk,
- void (*f) (WOLFSSL_ASN1_OBJECT*))
- {
- WOLFSSL_ENTER("wolfSSL_sk_ASN1_OBJECT_pop_free");
- wolfSSL_sk_pop_free(sk, (wolfSSL_sk_freefunc)f);
- }
- /* Push a WOLFSSL_ASN1_OBJECT onto stack.
- *
- * @param [in, out] sk ASN.1 OBJECT_ID stack.
- * @param [in] obj ASN.1 OBJECT_ID object to push on. Cannot be NULL.
- * @return 1 on success.
- * @return 0 when sk or obj is NULL.
- * @return 0 when dynamic memory allocation fails.
- */
- int wolfSSL_sk_ASN1_OBJECT_push(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk,
- WOLFSSL_ASN1_OBJECT* obj)
- {
- int ret = 0;
- WOLFSSL_ENTER("wolfSSL_sk_ASN1_OBJECT_push");
- /* Push on when we have a stack and object to work with. */
- if ((sk != NULL) && (obj != NULL)) {
- ret = wolfSSL_sk_push(sk, obj);
- }
- return ret;
- }
- /* Pop off a WOLFSSL_ASN1_OBJECT from the stack.
- *
- * @param [in, out] sk ASN.1 OBJECT_ID stack.
- * @return ASN.1 OBJECT_ID object on success.
- * @return NULL when stack is NULL or no nodes left in stack.
- */
- WOLFSSL_ASN1_OBJECT* wolfSSL_sk_ASN1_OBJECT_pop(
- WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk)
- {
- return (WOLFSSL_ASN1_OBJECT*)wolfssl_sk_pop_type(sk, STACK_TYPE_OBJ);
- }
- #endif /* (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) && !NO_ASN */
- /*******************************************************************************
- * ASN1_STRING APIs
- ******************************************************************************/
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Create a new ASN.1 STRING object.
- *
- * @return New ASN.1 STRING object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void)
- {
- WOLFSSL_ASN1_STRING* asn1;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_new");
- #endif
- asn1 = (WOLFSSL_ASN1_STRING*)XMALLOC(sizeof(WOLFSSL_ASN1_STRING), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (asn1 != NULL) {
- XMEMSET(asn1, 0, sizeof(WOLFSSL_ASN1_STRING));
- }
- return asn1;
- }
- /* Create a new ASN.1 STRING object.
- *
- * @param [in] type Encoding type.
- * @return New ASN.1 STRING object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type)
- {
- WOLFSSL_ASN1_STRING* asn1;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_type_new");
- #endif
- asn1 = wolfSSL_ASN1_STRING_new();
- if (asn1 != NULL) {
- asn1->type = type;
- }
- return asn1;
- }
- /* Dispose of ASN.1 STRING object.
- *
- * @param [in, out] asn1 ASN.1 STRING object.
- */
- void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1)
- {
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_free");
- #endif
- /* Check we have an object to free. */
- if (asn1 != NULL) {
- /* Dispose of dynamic data. */
- if ((asn1->length > 0) && asn1->isDynamic) {
- XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- }
- /* Dispose of ASN.1 STRING object. */
- XFREE(asn1, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Copy an ASN.1 STRING object from src into dest.
- *
- * @param [in, out] dest ASN.1 STRING object to copy into.
- * @param [in] src ASN.1 STRING object to copy from.
- */
- int wolfSSL_ASN1_STRING_copy(WOLFSSL_ASN1_STRING* dest,
- const WOLFSSL_ASN1_STRING* src)
- {
- int ret = 1;
- /* Validate parameters. */
- if ((src == NULL) || (dest == NULL)) {
- ret = 0;
- }
- /* Set the DER encoding. */
- if ((ret == 1) && (wolfSSL_ASN1_STRING_set(dest, src->data, src->length) !=
- 1)) {
- ret = 0;
- }
- if (ret == 1) {
- /* Copy simple fields. */
- dest->type = src->type;
- dest->flags = src->flags;
- }
- return ret;
- }
- /* Duplicate an ASN.1 STRING object.
- *
- * @param [in] asn1 ASN.1 STRING object to duplicate.
- * @return New ASN.1 STRING object on success.
- * @return NULL when asn1 is NULL or dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_dup(WOLFSSL_ASN1_STRING* asn1)
- {
- WOLFSSL_ASN1_STRING* dupl = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_dup");
- /* Check we have an object to duplicate. */
- if (asn1 == NULL) {
- WOLFSSL_MSG("Bad parameter");
- }
- else {
- /* Create a new ASN.1 STRING object. */
- dupl = wolfSSL_ASN1_STRING_new();
- if (dupl == NULL) {
- WOLFSSL_MSG("wolfSSL_ASN1_STRING_new error");
- }
- }
- if (dupl != NULL) {
- /* Copy the contents. */
- if (wolfSSL_ASN1_STRING_copy(dupl, asn1) != 1) {
- WOLFSSL_MSG("wolfSSL_ASN1_STRING_copy error");
- /* Dispose of duplicate and return NULL. */
- wolfSSL_ASN1_STRING_free(dupl);
- dupl = NULL;
- }
- }
- return dupl;
- }
- /* Compare two ASN.1 STRING objects.
- *
- * Compares type when data the same.
- *
- * @param [in] a First ASN.1 STRING object.
- * @param [in] b Second ASN.1 STRING object.
- * @return Negative value when a is less than b.
- * @return 0 when a equals b.
- * @return Positive value when a is greater than b.
- * @return -1 when a or b is NULL.
- */
- int wolfSSL_ASN1_STRING_cmp(const WOLFSSL_ASN1_STRING *a,
- const WOLFSSL_ASN1_STRING *b)
- {
- int ret;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_cmp");
- /* Validate parameters. */
- if ((a == NULL) || (b == NULL)) {
- ret = -1;
- }
- /* Compare length of data. */
- else if (a->length != b->length) {
- ret = a->length - b->length;
- }
- /* Compare data. */
- else if ((ret = XMEMCMP(a->data, b->data, (size_t)a->length)) == 0) {
- /* Compare ASN.1 types - wolfSSL_ASN1_STRING_type_new(). */
- ret = a->type - b->type;
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #if defined(OPENSSL_EXTRA)
- #if !defined(NO_CERTS)
- #ifndef NO_WOLFSSL_STUB
- WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn,
- const unsigned char **in, long len)
- {
- WOLFSSL_STUB("d2i_DISPLAYTEXT");
- (void)asn;
- (void)in;
- (void)len;
- return NULL;
- }
- #endif
- #endif /* !NO_CERTS */
- #endif /* OPENSSL_EXTRA */
- #ifndef NO_ASN
- #if defined(OPENSSL_EXTRA)
- /* Convert ASN.1 STRING that is UniversalString type to PrintableString type.
- *
- * @param [in, out] s ASN.1 STRING object to convert.
- * @return 1 on success.
- * @return 0 when s is NULL.
- * @return 0 when type is not UniversalString or string is not of that format.
- */
- int wolfSSL_ASN1_UNIVERSALSTRING_to_string(WOLFSSL_ASN1_STRING *s)
- {
- int ret = 1;
- char* p;
- WOLFSSL_ENTER("wolfSSL_ASN1_UNIVERSALSTRING_to_string");
- /* Validate parameter. */
- if (s == NULL) {
- WOLFSSL_MSG("Bad parameter");
- ret = 0;
- }
- /* Check type of ASN.1 STRING. */
- if ((ret == 1) && (s->type != V_ASN1_UNIVERSALSTRING)) {
- WOLFSSL_MSG("Input is not a universal string");
- ret = 0;
- }
- /* Check length is indicative of UNIVERSAL_STRING. */
- if ((ret == 1) && ((s->length % 4) != 0)) {
- WOLFSSL_MSG("Input string must be divisible by 4");
- ret = 0;
- }
- if (ret == 1) {
- /* Ensure each UniversalString character looks right. */
- for (p = s->data; p < s->data + s->length; p += 4)
- if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
- break;
- /* Check whether we failed loop early. */
- if (p != s->data + s->length) {
- WOLFSSL_MSG("Wrong string format");
- ret = 0;
- }
- }
- if (ret == 1) {
- char* copy;
- /* Strip first three bytes of each four byte character. */
- for (copy = p = s->data; p < s->data + s->length; p += 4) {
- *copy++ = p[3];
- }
- /* Place NUL on end. */
- *copy = '\0';
- /* Update length and type. */
- s->length /= 4;
- s->type = V_ASN1_PRINTABLESTRING;
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA */
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Convert ASN.1 STRING to UTF8 encoding.
- *
- * Assumes stored encoding is UTF8.
- * Returned buffer should be freed using OPENSSL_free().
- *
- * @param [out] out Pointer to return allocated string.
- * @param [in] asn1 ASN.1 STRING object.
- * @return Length of string, excluding NUL, on success.
- * @return -1 when out or asn1 is NULL.
- * @return -1 when no data to return.
- * @return -1 dynamic memory allocation fails.
- */
- int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *asn1)
- {
- unsigned char* buf = NULL;
- unsigned char* data = NULL;
- int len = -1;
- /* Validate parameters. */
- if ((out != NULL) && (asn1 != NULL)) {
- /* Get data and length. */
- data = wolfSSL_ASN1_STRING_data(asn1);
- len = wolfSSL_ASN1_STRING_length(asn1);
- /* Check data and length are usable. */
- if ((data == NULL) || (len < 0)) {
- len = -1;
- }
- }
- if (len != -1) {
- /* Allocate buffer to hold string and NUL. */
- buf = (unsigned char*)XMALLOC((size_t)(len + 1), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (buf == NULL) {
- len = -1;
- }
- }
- if (len != -1) {
- /* Copy in string - NUL always put on end of stored string. */
- XMEMCPY(buf, data, (size_t)(len + 1));
- /* Return buffer. */
- *out = buf;
- }
- return len;
- }
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #if defined(OPENSSL_EXTRA)
- /* Encode ASN.1 STRING data as hex digits separated by colon.
- *
- * Assumes length is greater than 0.
- *
- * @param [in] s ASN.1 STRING object.
- * @return Buffer containing string representation on success.
- * @return NULL when dynamic memory allocation fails.
- * @return NULL when encoding a character as hex fails.
- */
- static char* wolfssl_asn1_string_to_hex_chars(const WOLFSSL_ASN1_STRING *s)
- {
- char* tmp;
- int tmpSz = s->length * 3;
- tmp = (char*)XMALLOC((size_t)tmpSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- WOLFSSL_MSG("Memory Error");
- }
- else {
- int i;
- unsigned char* str = (unsigned char*)s->data;
- /* Put out all but last character as a hex digit with ':'. */
- for (i = 0; i < s->length; i++) {
- /* Put in hex digit string at end of tmp. */
- ByteToHexStr(str[i], tmp + i * 3);
- /* Check not last character. */
- if (i < s->length - 1) {
- /* Put in separator: ':'. */
- tmp[i * 3 + 2] = ':';
- }
- /* Last character. */
- else {
- /* Put in NUL to terminate string. */
- tmp[i * 3 + 2] = '\0';
- }
- }
- }
- return tmp;
- }
- /* Create a string encoding of ASN.1 STRING object.
- *
- * @param [in] method Method table. Unused.
- * @param [in] s ASN.1 STRING object.
- * @return Buffer containing string representation on success.
- * @return NULL when s or data is NULL.
- * @return NULL when dynamic memory allocation fails.
- * @return NULL when encoding a character as hex fails.
- */
- char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method,
- const WOLFSSL_ASN1_STRING *s)
- {
- char* ret = NULL;
- WOLFSSL_ENTER("wolfSSL_i2s_ASN1_STRING");
- (void)method;
- /* Validate parameters. */
- if ((s == NULL) || (s->data == NULL)) {
- WOLFSSL_MSG("Bad Function Argument");
- }
- /* Handle 0 length data separately. */
- else if (s->length == 0) {
- ret = (char *)XMALLOC(1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (ret != NULL) {
- ret[0] = '\0';
- }
- }
- else {
- /* Convert unreadable strings to hexadecimal. */
- ret = wolfssl_asn1_string_to_hex_chars(s);
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA */
- #endif /* NO_ASN */
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Get the type of encoding.
- *
- * @param [in] asn1 ASN.1 STRING object.
- * @return Encoding type on success.
- * @return 0 when asn1 is NULL or no encoding set.
- */
- int wolfSSL_ASN1_STRING_type(const WOLFSSL_ASN1_STRING* asn1)
- {
- int type = 0;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_type");
- #endif
- if (asn1 != NULL) {
- type = asn1->type;
- }
- return type;
- }
- #ifndef NO_CERTS
- /* Get the pointer that is the data.
- *
- * @param [in] asn ASN.1 STRING object.
- * @return Buffer with string on success.
- * @return NULL when asn is NULL or no data set.
- */
- const unsigned char* wolfSSL_ASN1_STRING_get0_data(
- const WOLFSSL_ASN1_STRING* asn)
- {
- char* data = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_get0_data");
- if (asn != NULL) {
- data = asn->data;
- }
- return (const unsigned char*)data;
- }
- /* Get the pointer that is the data.
- *
- * @param [in] asn ASN.1 STRING object.
- * @return Buffer with string on success.
- * @return NULL when asn is NULL or no data set.
- */
- unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn)
- {
- char* data = NULL;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data");
- #endif
- if (asn != NULL) {
- data = asn->data;
- }
- return (unsigned char*)data;
- }
- /* Get the length of the data.
- *
- * @param [in] asn ASN.1 STRING object.
- * @return String length on success.
- * @return 0 when asn is NULL or no data set.
- */
- int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING* asn)
- {
- int len = 0;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_length");
- #endif
- if (asn) {
- len = asn->length;
- }
- return len;
- }
- #endif /* !NO_CERTS */
- /* Set the string data.
- *
- * When sz is less than 0, the string length will be calculated using XSTRLEN.
- *
- * @param [in, out] asn1 ASN.1 STRING object.
- * @param [in] data String data to set.
- * @param [in] sz Length of data to set in bytes.
- * @return 1 on success.
- * @return 0 when asn1 is NULL or data is NULL and sz is not zero.
- * @return 0 when dynamic memory allocation fails.
- */
- int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int sz)
- {
- int ret = 1;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_set");
- #endif
- /* Validate parameters. */
- if ((asn1 == NULL) || ((data == NULL) && (sz != 0))) {
- ret = 0;
- }
- /* Calculate size from data if not passed in. */
- if ((ret == 1) && (sz < 0)) {
- sz = (int)XSTRLEN((const char*)data);
- if (sz < 0) {
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Dispose of any existing dynamic data. */
- if (asn1->isDynamic) {
- XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL);
- asn1->data = NULL;
- }
- /* Check string will fit - including NUL. */
- if (sz + 1 > CTC_NAME_SIZE) {
- /* Allocate new buffer. */
- asn1->data = (char*)XMALLOC((size_t)(sz + 1), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (asn1->data == NULL) {
- ret = 0;
- }
- else {
- /* Ensure buffer will be freed. */
- asn1->isDynamic = 1;
- }
- }
- else {
- /* Clear out fixed array and use it for data. */
- XMEMSET(asn1->strData, 0, CTC_NAME_SIZE);
- asn1->data = asn1->strData;
- asn1->isDynamic = 0;
- }
- }
- if (ret == 1) {
- /* Check if there is a string to copy. */
- if (data != NULL) {
- /* Copy string and append NUL. */
- XMEMCPY(asn1->data, data, (size_t)sz);
- asn1->data[sz] = '\0';
- }
- /* Set size of string. */
- asn1->length = sz;
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- #ifndef NO_CERTS
- /* Make a UTF8 canonical version of ASN.1 STRING object's data.
- *
- * @param [in, out] asn ASN.1 STRING to set.
- */
- static void wolfssl_asn1_string_canonicalize(WOLFSSL_ASN1_STRING* asn)
- {
- char* src = asn->data;
- char* p = asn->data + asn->length - 1;
- int len = asn->length;
- int i;
- /* Trim whitespace from the tail. */
- for (; (len > 0) && (XISSPACE((unsigned char)*p)); len--) {
- p--;
- }
- if (len > 0) {
- /* Trim whitespace from the head. */
- for (; XISSPACE((unsigned char)*src); len--) {
- src++;
- }
- }
- /* Output at the start. */
- p = asn->data;
- /* Process each character in string after trim. */
- for (i = 0; i < len; p++, i++) {
- /* Check for non-ascii character. */
- if (!XISASCII(*src)) {
- /* Keep non-ascii character as-is. */
- *p = *src++;
- }
- /* Check for whitespace. */
- else if (XISSPACE((unsigned char)*src)) {
- /* Only use space character for whitespace. */
- *p = 0x20;
- /* Skip any succeeding whitespace characters. */
- while (XISSPACE((unsigned char)*++src)) {
- i++;
- }
- }
- else {
- /* Convert to lower case. */
- *p = (char)XTOLOWER((unsigned char)*src++);
- }
- }
- /* Set actual length after canonicalization. */
- asn->length = (int)(p - asn->data);
- }
- /* Make a canonical version of ASN.1 STRING object in ASN.1 STRING object.
- *
- * @param [in, out] asn_out ASN.1 STRING object to set.
- * @param [in] asn_in ASN.1 STRING object to get data from.
- * @return 1 on success.
- * @return BAD_FUNC_ARG when asn_out or asn_in is NULL.
- * @return 0 when no data.
- * @return 0 when dynamic memory allocation fails.
- */
- int wolfSSL_ASN1_STRING_canon(WOLFSSL_ASN1_STRING* asn_out,
- const WOLFSSL_ASN1_STRING* asn_in)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_canon");
- /* Validate parameters. */
- if ((asn_out == NULL) || (asn_in == NULL)) {
- WOLFSSL_MSG("invalid function arguments");
- ret = BAD_FUNC_ARG;
- }
- if (ret == 1) {
- switch (asn_in->type) {
- case MBSTRING_UTF8:
- case V_ASN1_PRINTABLESTRING:
- /* Set type to UTF8. */
- asn_out->type = MBSTRING_UTF8;
- /* Dispose of any dynamic data already in asn_out. */
- if (asn_out->isDynamic) {
- XFREE(asn_out->data, NULL, DYNAMIC_TYPE_OPENSSL);
- asn_out->data = NULL;
- }
- /* Make ASN.1 STRING into UTF8 buffer. */
- asn_out->length = wolfSSL_ASN1_STRING_to_UTF8(
- (unsigned char**)&asn_out->data,
- (WOLFSSL_ASN1_STRING*)asn_in);
- /* Check for error from creating UTF8 string. */
- if (asn_out->length < 0) {
- ret = 0;
- }
- else {
- /* Data now dynamic after converting to UTF8. */
- asn_out->isDynamic = 1;
- /* Canonicalize the data. */
- wolfssl_asn1_string_canonicalize(asn_out);
- if (asn_out->length == 0) {
- /* Dispose of data if canonicalization removes all
- * characters. */
- XFREE(asn_out->data, NULL, DYNAMIC_TYPE_OPENSSL);
- asn_out->data = NULL;
- asn_out->isDynamic = 0;
- }
- }
- break;
- default:
- /* Unrecognized format - just copy. */
- WOLFSSL_MSG("just copy string");
- ret = wolfSSL_ASN1_STRING_copy(asn_out, asn_in);
- }
- }
- return ret;
- }
- #endif /* !NO_CERTS */
- #endif /* (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) && !WOLFCRYPT_ONLY */
- #if defined(OPENSSL_EXTRA)
- #if !defined(NO_ASN)
- #ifndef NO_BIO
- /* Returns boolean indicating character is unprintable.
- *
- * @param [in] c ASCII character.
- * @return 1 when character is unprintable.
- * @return 0 when character is printable.
- */
- static int wolfssl_unprintable_char(char c)
- {
- const unsigned char last_unprintable = 31;
- const unsigned char LF = 10; /* Line Feed */
- const unsigned char CR = 13; /* Carriage Return */
- return (c <= last_unprintable) && (c != LF) && (c != CR);
- }
- /* Print ASN.1 STRING to BIO.
- *
- * TODO: Unprintable characters conversion is destructive.
- *
- * @param [in] bio BIO to print to.
- * @param [in] str ASN.1 STRING to print.
- * @return Length of string written on success.
- * @return 0 when bio or str is NULL.
- * @return 0 when writing to BIO fails.
- */
- int wolfSSL_ASN1_STRING_print(WOLFSSL_BIO *bio, WOLFSSL_ASN1_STRING *str)
- {
- int len = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_print");
- /* Validate parameters. */
- if ((bio != NULL) && (str != NULL)) {
- int i;
- len = str->length;
- /* Convert all unprintable characters to '.'. */
- for (i = 0; i < len; i++) {
- if (wolfssl_unprintable_char(str->data[i])) {
- str->data[i] = '.';
- }
- }
- /* Write string to BIO. */
- if (wolfSSL_BIO_write(bio, str->data, len) != len) {
- len = 0;
- }
- }
- return len;
- }
- #endif /* !NO_BIO */
- #endif /* !NO_ASN */
- /* Get a string for the ASN.1 tag.
- *
- * @param [in] tag ASN.1 tag.
- * @return A string.
- */
- const char* wolfSSL_ASN1_tag2str(int tag)
- {
- static const char *const tag_label[31] = {
- "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", "NULL",
- "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", "ENUMERATED",
- "<ASN1 11>", "UTF8STRING", "<ASN1 13>", "<ASN1 14>", "<ASN1 15>",
- "SEQUENCE", "SET", "NUMERICSTRING", "PRINTABLESTRING", "T61STRING",
- "VIDEOTEXTSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME",
- "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", "UNIVERSALSTRING",
- "<ASN1 29>", "BMPSTRING"
- };
- const char* str = "(unknown)";
- /* Clear negative flag. */
- if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED)) {
- tag &= ~V_ASN1_NEG;
- }
- /* Check for known basic types. */
- if ((tag >= 0) && (tag <= 30)) {
- str = tag_label[tag];
- }
- return str;
- }
- #ifndef NO_BIO
- /* Print out ASN.1 tag for the ASN.1 STRING to the BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] str ASN.1 STRING object.
- * @return Number of characters written on success.
- * @return 0 when BIO write fails.
- */
- static int wolfssl_string_print_type(WOLFSSL_BIO *bio, WOLFSSL_ASN1_STRING *str)
- {
- int type_len;
- const char *tag;
- /* Get tag and string length. */
- tag = wolfSSL_ASN1_tag2str(str->type);
- type_len = (int)XSTRLEN(tag);
- /* Write tag to BIO. */
- if (wolfSSL_BIO_write(bio, tag, type_len) != type_len){
- type_len = 0;
- }
- /* Write colon after tag string. */
- else if (wolfSSL_BIO_write(bio, ":", 1) != 1) {
- type_len = 0;
- }
- else {
- /* Written colon - update count. */
- type_len++;
- }
- return type_len;
- }
- /* Dump hex digit representation of each string character to BIO.
- *
- * TODO: Assumes length is only one byte ie less than 128 characters long.
- *
- * @param [in] bio BIO to write to.
- * @param [in] str ASN.1 STRING object.
- * @param [in] asDer Whether to write out as a DER encoding.
- * @return Number of characters written to BIO on success.
- * @return -1 when writing to BIO fails.
- */
- static int wolfssl_asn1_string_dump_hex(WOLFSSL_BIO *bio,
- WOLFSSL_ASN1_STRING *str, int asDer)
- {
- const char* hash="#";
- char hex_tmp[4];
- int str_len = 1;
- /* Write out hash character to indicate hex string. */
- if (wolfSSL_BIO_write(bio, hash, 1) != 1) {
- str_len = -1;
- }
- else {
- /* Check if we are to write out DER header. */
- if (asDer) {
- /* Encode tag and length as hex into temporary. */
- ByteToHexStr((byte)str->type, &hex_tmp[0]);
- ByteToHexStr((byte)str->length, &hex_tmp[2]);
- /* Update count of written characters: tag and length. */
- str_len += 4;
- /* Write out tag and length as hex digits. */
- if (wolfSSL_BIO_write(bio, hex_tmp, 4) != 4) {
- str_len = -1;
- }
- }
- }
- if (str_len != -1) {
- char* p;
- char* end;
- /* Calculate end of string. */
- end = str->data + str->length - 1;
- for (p = str->data; p <= end; p++) {
- /* Encode string character as hex into temporary. */
- ByteToHexStr((byte)*p, hex_tmp);
- /* Update count of written characters. */
- str_len += 2;
- /* Write out character as hex digites. */
- if (wolfSSL_BIO_write(bio, hex_tmp, 2) != 2) {
- str_len = -1;
- break;
- }
- }
- }
- return str_len;
- }
- /* Check whether character needs to be escaped.
- *
- * @param [in] c Character to check for.
- * @param [in] str String to check.
- * @return 1 when character found.
- * @return 0 when character not found.
- */
- static int wolfssl_check_esc_char(char c)
- {
- int ret = 0;
- const char esc_ch[] = "+;<>\\";
- const char* p = esc_ch;
- /* Check if character matches any of those needing escaping. */
- for (; (*p) != '\0'; p++) {
- /* Check if character matches escape character. */
- if (c == (*p)) {
- ret = 1;
- break;
- }
- }
- return ret;
- }
- /* Print out string, with escaping for special characters, to BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] str ASN.1 STRING object.
- * @return Number of characters written to BIO on success.
- * @return -1 when writing to BIO fails.
- */
- static int wolfssl_asn1_string_print_esc_2253(WOLFSSL_BIO *bio,
- WOLFSSL_ASN1_STRING *str)
- {
- char* p;
- int str_len = 0;
- /* Write all of string character by character. */
- for (p = str->data; (*p) != '\0'; p++) {
- /* Check if character needs escaping. */
- if (wolfssl_check_esc_char(*p)){
- /* Update count of written characters. */
- str_len++;
- /* Write out escaping character. */
- if (wolfSSL_BIO_write(bio,"\\", 1) != 1) {
- str_len = -1;
- break;
- }
- }
- /* Update count of written characters. */
- str_len++;
- /* Write out character. */
- if (wolfSSL_BIO_write(bio, p, 1) != 1) {
- str_len = -1;
- break;
- }
- }
- return str_len;
- }
- /* Extended print ASN.1 STRING to BIO.
- *
- * @param [in] bio BIO to print to.
- * @param [in] str ASN.1 STRING to print.
- * @param [in] flags Flags describing output format.
- * @return Length of string written on success.
- * @return 0 when bio or str is NULL.
- * @return 0 when writing to BIO fails.
- */
- int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *bio, WOLFSSL_ASN1_STRING *str,
- unsigned long flags)
- {
- int err = 0;
- int str_len = -1;
- int type_len = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_PRINT_ex");
- /* Validate parameters. */
- if ((bio == NULL) || (str == NULL)) {
- err = 1;
- }
- /* Check if ASN.1 type is to be printed. */
- if ((!err) && (flags & ASN1_STRFLGS_SHOW_TYPE)) {
- /* Print type and colon to BIO. */
- type_len = wolfssl_string_print_type(bio, str);
- if (type_len == 0) {
- err = 1;
- }
- }
- if (!err) {
- if (flags & ASN1_STRFLGS_DUMP_ALL) {
- /* Dump hex. */
- str_len = wolfssl_asn1_string_dump_hex(bio, str,
- flags & ASN1_STRFLGS_DUMP_DER);
- }
- else if (flags & ASN1_STRFLGS_ESC_2253) {
- /* Print out string with escaping. */
- str_len = wolfssl_asn1_string_print_esc_2253(bio, str);
- }
- else {
- /* Get number of characters to write. */
- str_len = str->length;
- /* Print out string as is. */
- if (wolfSSL_BIO_write(bio, str->data, str_len) != str_len) {
- err = 1;
- }
- }
- }
- if ((!err) && (str_len != -1)) {
- /* Include any characters written for type. */
- str_len += type_len;
- }
- else {
- str_len = 0;
- }
- return str_len;
- }
- #endif /* !NO_BIO */
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_GENERALIZEDTIME APIs
- ******************************************************************************/
- #ifdef OPENSSL_EXTRA
- /* Free the static ASN.1 GENERALIZED TIME object.
- *
- * Not an OpenSSL compatibility API.
- *
- * @param [in] asn1Time ASN.1 GENERALIZED TIME object.
- */
- void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_TIME* asn1Time)
- {
- WOLFSSL_ENTER("wolfSSL_ASN1_GENERALIZEDTIME_free");
- if (asn1Time != NULL) {
- XMEMSET(asn1Time->data, 0, sizeof(asn1Time->data));
- }
- }
- #ifndef NO_BIO
- /* Return the month as a string.
- *
- * Assumes n is '01'-'12'.
- *
- * @param [in] n The number of the month as a two characters (1 based).
- * @return Month as a string.
- */
- static WC_INLINE const char* MonthStr(const char* n)
- {
- static const char monthStr[12][4] = {
- "Jan", "Feb", "Mar", "Apr", "May", "Jun",
- "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
- const char* month = "BAD";
- int i;
- i = (n[0] - '0') * 10 + (n[1] - '0') - 1;
- /* Convert string to number and index table. */
- if ((i >= 0) && (i < 12)) {
- month = monthStr[i];
- }
- return month;
- }
- /* Print an ASN.1 GENERALIZED TIME to a BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] asnTime ASN.1 GENERALIZED TIME object.
- * @return 1 on success.
- * @return 0 when ASN.1 GENERALIZED TIME type is invalid.
- * @return 0 when writing to BIO fails.
- * @return BAD_FUNC_ARG when bio or asnTime is NULL.
- */
- int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio,
- const WOLFSSL_ASN1_GENERALIZEDTIME* asnTime)
- {
- int ret = 1;
- const char* p = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_GENERALIZEDTIME_print");
- /* Validate parameters. */
- if ((bio == NULL) || (asnTime == NULL)) {
- ret = BAD_FUNC_ARG;
- }
- /* Check type is GENERALIZED TIME. */
- if ((ret == 1) && (asnTime->type != V_ASN1_GENERALIZEDTIME)) {
- WOLFSSL_MSG("Error, not GENERALIZED_TIME");
- ret = 0;
- }
- if (ret == 1) {
- /* Get the string. */
- p = (const char *)(asnTime->data);
- /* Print month as a 3 letter string. */
- if (wolfSSL_BIO_write(bio, MonthStr(p + 4), 3) != 3) {
- ret = 0;
- }
- }
- /* Print space separator. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, " ", 1) != 1)) {
- ret = 0;
- }
- /* Print day. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p + 6, 2) != 2)) {
- ret = 0;
- }
- /* Print space separator. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, " ", 1) != 1)) {
- ret = 0;
- }
- /* Print hour. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p + 8, 2) != 2)) {
- ret = 0;
- }
- /* Print time separator - colon. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, ":", 1) != 1)) {
- ret = 0;
- }
- /* Print minutes. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p + 10, 2) != 2)) {
- ret = 0;
- }
- /* Print time separator - colon. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, ":", 1) != 1)) {
- ret = 0;
- }
- /* Print seconds. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p + 12, 2) != 2)) {
- ret = 0;
- }
- /* Print space separator. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, " ", 1) != 1)) {
- ret = 0;
- }
- /* Print year. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p, 4) != 4)) {
- ret = 0;
- }
- return ret;
- }
- #endif /* !NO_BIO */
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_TIME APIs
- ******************************************************************************/
- #ifndef NO_ASN_TIME
- #ifdef OPENSSL_EXTRA
- /* Allocate a new ASN.1 TIME object.
- *
- * @return New empty ASN.1 TIME object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void)
- {
- WOLFSSL_ASN1_TIME* ret;
- /* Allocate a new ASN.1 TYPE object. */
- ret = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (ret != NULL) {
- /* Clear out fields. */
- XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TIME));
- }
- return ret;
- }
- /* Dispose of ASN.1 TIME object.
- *
- * @param [in, out] t ASN.1 TIME object.
- */
- void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t)
- {
- /* Dispose of ASN.1 TIME object. */
- XFREE(t, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- #ifndef NO_WOLFSSL_STUB
- /* Set the Unix time GMT into ASN.1 TIME object.
- *
- * Not implemented.
- *
- * @param [in, out] a ASN.1 TIME object.
- * @param [in] t Unix time GMT.
- * @return An ASN.1 TIME object.
- */
- WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *a, time_t t)
- {
- WOLFSSL_STUB("wolfSSL_ASN1_TIME_set");
- (void)a;
- (void)t;
- return a;
- }
- #endif /* !NO_WOLFSSL_STUB */
- /* Convert time to Unix time (GMT).
- *
- * @param [in] sec Second in minute. 0-59.
- * @param [in] minute Minute in hour. 0-59.
- * @param [in] hour Hour in day. 0-23.
- * @param [in] mday Day of month. 1-31.
- * @param [in] mon Month of year. 0-11
- * @param [in] year Year including century. ie: 1991, 2023, 2048.
- * @return Seconds since 00:00:00 01/01/1970 for the time passed in.
- */
- static long long wolfssl_time_to_unix_time(int sec, int minute, int hour,
- int mday, int mon, int year)
- {
- /* Number of cumulative days from the previous months, starting from
- * beginning of January. */
- static const int monthDaysCumulative [12] = {
- 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
- };
- int leapDays = year;
- /* Leap day at end of February. */
- if (mon <= 1) {
- --leapDays;
- }
- /* Calculate leap days. */
- leapDays = leapDays / 4 - leapDays / 100 + leapDays / 400 - 1969 / 4 +
- 1969 / 100 - 1969 / 400;
- /* Calculate number of seconds. */
- return ((((long long) (year - 1970) * 365 + leapDays +
- monthDaysCumulative[mon] + mday - 1) * 24 + hour) * 60 + minute) *
- 60 + sec;
- }
- /* Convert ASN.1 TIME object to Unix time (GMT).
- *
- * @param [in] t ASN.1 TIME object.
- * @param [out] secs Number of seconds since 00:00:00 01/01/1970.
- * @return 1 on success.
- * @return 0 when conversion of time fails.
- */
- static int wolfssl_asn1_time_to_secs(const WOLFSSL_ASN1_TIME* t,
- long long* secs)
- {
- int ret = 1;
- struct tm tm_s;
- struct tm *tmGmt = &tm_s;
- /* Convert ASN.1 TIME to broken-down time. NULL treated as current time. */
- ret = wolfSSL_ASN1_TIME_to_tm(t, tmGmt);
- if (ret != 1) {
- WOLFSSL_MSG("Failed to convert from time to struct tm.");
- }
- else {
- /* We use wolfssl_time_to_unix_time here instead of XMKTIME to avoid the
- * Year 2038 problem on platforms where time_t is 32 bits. struct tm
- * stores the year as years since 1900, so we add 1900 to the year. */
- *secs = wolfssl_time_to_unix_time(tmGmt->tm_sec, tmGmt->tm_min,
- tmGmt->tm_hour, tmGmt->tm_mday, tmGmt->tm_mon,
- tmGmt->tm_year + 1900);
- }
- return ret;
- }
- /* Calculate difference in time of two ASN.1 TIME objects.
- *
- * @param [out] days Number of whole days between from and to.
- * @param [out] secs Number of seconds less than a day between from and to.
- * @param [in] from ASN.1 TIME object as start time.
- * @param [in] to ASN.1 TIME object as end time.
- * @return 1 on success.
- * @return 0 when days or secs is NULL.
- * @return 0 when conversion of time fails.
- */
- int wolfSSL_ASN1_TIME_diff(int *days, int *secs, const WOLFSSL_ASN1_TIME *from,
- const WOLFSSL_ASN1_TIME *to)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_diff");
- /* Validate parameters. */
- if (days == NULL) {
- WOLFSSL_MSG("days is NULL");
- ret = 0;
- }
- if ((ret == 1) && (secs == NULL)) {
- WOLFSSL_MSG("secs is NULL");
- ret = 0;
- }
- if ((ret == 1) && ((from == NULL) && (to == NULL))) {
- *days = 0;
- *secs = 0;
- }
- else if (ret == 1) {
- const long long SECS_PER_DAY = 24 * 60 * 60;
- long long fromSecs;
- long long toSecs = 0;
- ret = wolfssl_asn1_time_to_secs(from, &fromSecs);
- if (ret == 1) {
- ret = wolfssl_asn1_time_to_secs(to, &toSecs);
- }
- if (ret == 1) {
- long long diffSecs = toSecs - fromSecs;
- *days = (int) (diffSecs / SECS_PER_DAY);
- *secs = (int) (diffSecs - ((long long)*days * SECS_PER_DAY));
- }
- }
- return ret;
- }
- /* Compare two ASN.1 TIME objects by comparing time value.
- *
- * @param [in] a First ASN.1 TIME object.
- * @param [in] b Second ASN.1 TIME object.
- * @return Negative value when a is less than b.
- * @return 0 when a equals b.
- * @return Positive value when a is greater than b.
- * @return -2 when a or b is invalid.
- */
- int wolfSSL_ASN1_TIME_compare(const WOLFSSL_ASN1_TIME *a,
- const WOLFSSL_ASN1_TIME *b)
- {
- int ret;
- int days;
- int secs;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_compare");
- /* Calculate difference in time between a and b. */
- if (wolfSSL_ASN1_TIME_diff(&days, &secs, a, b) != 1) {
- WOLFSSL_MSG("Failed to get time difference.");
- ret = -2;
- }
- else if (days == 0 && secs == 0) {
- /* a and b are the same time. */
- ret = 0;
- }
- else if (days >= 0 && secs >= 0) {
- /* a is before b. */
- ret = -1;
- }
- /* Assume wolfSSL_ASN1_TIME_diff creates coherent values. */
- else {
- ret = 1;
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_TIME_compare", ret);
- return ret;
- }
- #if !defined(USER_TIME) && !defined(TIME_OVERRIDES)
- /* Adjust the time into an ASN.1 TIME object.
- *
- * @param [in] a ASN.1 TIME object. May be NULL.
- * @param [in] t Time to offset.
- * @param [in] offset_day Number of days to offset. May be negative.
- * @param [in] offset_sec Number of seconds to offset. May be negative.
- * @return ASN.1 TIME object on success.
- * @return NULL when formatting time fails.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME* a, time_t t,
- int offset_day, long offset_sec)
- {
- WOLFSSL_ASN1_TIME* ret = NULL;
- const time_t sec_per_day = 24*60*60;
- int time_get;
- char time_str[MAX_TIME_STRING_SZ];
- time_t offset_day_sec = offset_day * sec_per_day;
- time_t t_adj = t + offset_day_sec + offset_sec;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_adj");
- /* Get time string as either UTC or GeneralizedTime. */
- time_get = GetFormattedTime(&t_adj, (byte*)time_str, MAX_TIME_STRING_SZ);
- if (time_get > 0) {
- ret = a;
- if (ret == NULL) {
- ret = wolfSSL_ASN1_TIME_new();
- }
- /* Set the string into the ASN.1 TIME object. */
- if ((wolfSSL_ASN1_TIME_set_string(ret, time_str) != 1) && (ret != a)) {
- wolfSSL_ASN1_TIME_free(ret);
- ret = NULL;
- }
- }
- return ret;
- }
- #endif /* !USER_TIME && !TIME_OVERRIDES */
- /* Get the length of the ASN.1 TIME data.
- *
- * Not an OpenSSL function - ASN1_TIME is not opaque.
- *
- * @param [in] t ASN.1 TIME object.
- * @return Length of data on success.
- * @return 0 when t is NULL or no time set.
- */
- int wolfSSL_ASN1_TIME_get_length(const WOLFSSL_ASN1_TIME *t)
- {
- int len = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_get_length");
- if (t != NULL) {
- len = t->length;
- }
- return len;
- }
- /* Get the data from the ASN.1 TIME object.
- *
- * Not an OpenSSL function - ASN1_TIME is not opaque.
- *
- * @param [in] t ASN.1 TIME object.
- * @return Data buffer on success.
- * @return NULL when t is NULL.
- */
- unsigned char* wolfSSL_ASN1_TIME_get_data(const WOLFSSL_ASN1_TIME *t)
- {
- unsigned char* data = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_get_data");
- if (t != NULL) {
- data = (unsigned char*)t->data;
- }
- return data;
- }
- /* Check format of string in ASN.1 TIME object.
- *
- * @param [in] a ASN.1 TIME object.
- * @return 1 on success.
- * @return 0 when format invalid.
- */
- int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
- {
- int ret = 1;
- char buf[MAX_TIME_STRING_SZ];
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_check");
- /* If can convert to human readable then format good. */
- if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)a, buf,
- MAX_TIME_STRING_SZ) == NULL) {
- ret = 0;
- }
- return ret;
- }
- /* Set the time as a string into ASN.1 TIME object.
- *
- * When t is NULL, str is checked only.
- *
- * @param [in, out] t ASN.1 TIME object.
- * @param [in] str Time as a string.
- * @return 1 on success.
- * @return 0 when str is NULL.
- * @return 0 when str is not formatted correctly.
- */
- int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str)
- {
- int ret = 1;
- int slen = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_set_string");
- if (str == NULL) {
- WOLFSSL_MSG("Bad parameter");
- ret = 0;
- }
- if (ret == 1) {
- /* Get length of string including NUL terminator. */
- slen = (int)XSTRLEN(str) + 1;
- if (slen > CTC_DATE_SIZE) {
- WOLFSSL_MSG("Date string too long");
- ret = 0;
- }
- }
- if ((ret == 1) && (t != NULL)) {
- /* Copy in string including NUL terminator. */
- XMEMCPY(t->data, str, (size_t)slen);
- /* Do not include NUL terminator in length. */
- t->length = slen - 1;
- /* Set ASN.1 type based on string length. */
- t->type = ((slen == ASN_UTC_TIME_SIZE) ? V_ASN1_UTCTIME :
- V_ASN1_GENERALIZEDTIME);
- }
- return ret;
- }
- /* Convert ASN.1 TIME object to ASN.1 GENERALIZED TIME object.
- *
- * @param [in] t ASN.1 TIME object.
- * @param [in, out] out ASN.1 GENERALIZED TIME object.
- * @return ASN.1 GENERALIZED TIME object on success.
- * @return NULL when t is NULL or t has wrong ASN.1 type.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
- WOLFSSL_ASN1_TIME **out)
- {
- WOLFSSL_ASN1_TIME *ret = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_generalizedtime");
- /* Validate parameters. */
- if (t == NULL) {
- WOLFSSL_MSG("Invalid ASN_TIME value");
- }
- /* Ensure ASN.1 type is one that is supported. */
- else if ((t->type != V_ASN1_UTCTIME) &&
- (t->type != V_ASN1_GENERALIZEDTIME)) {
- WOLFSSL_MSG("Invalid ASN_TIME type.");
- }
- /* Check for ASN.1 GENERALIZED TIME object being passed in. */
- else if ((out != NULL) && (*out != NULL)) {
- /* Copy into the passed in object. */
- ret = *out;
- }
- else {
- /* Create a new ASN.1 GENERALIZED TIME object. */
- ret = wolfSSL_ASN1_TIME_new();
- if (ret == NULL) {
- WOLFSSL_MSG("memory alloc failed.");
- }
- }
- if (ret != NULL) {
- /* Set the ASN.1 type and length of string. */
- ret->type = V_ASN1_GENERALIZEDTIME;
- ret->length = ASN_GENERALIZED_TIME_SIZE;
- if (t->type == V_ASN1_GENERALIZEDTIME) {
- /* Just copy as data already appropriately formatted. */
- XMEMCPY(ret->data, t->data, ASN_GENERALIZED_TIME_SIZE);
- }
- else {
- /* Convert UTC TIME to GENERALIZED TIME. */
- if (t->data[0] >= '5') {
- /* >= 50 is 1900s. */
- ret->data[0] = '1'; ret->data[1] = '9';
- }
- else {
- /* < 50 is 2000s. */
- ret->data[0] = '2'; ret->data[1] = '0';
- }
- /* Append rest of the data as it is the same. */
- XMEMCPY(&ret->data[2], t->data, ASN_UTC_TIME_SIZE);
- }
- /* Check for pointer to return result through. */
- if (out != NULL) {
- *out = ret;
- }
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA */
- #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA)
- /* Get string from ASN.1 TIME object.
- *
- * Not an OpenSSL compatibility API.
- *
- * @param [in] t ASN.1 TIME object.
- * @param [in, out] buf Buffer to put string in.
- * @param [in] len Length of buffer in bytes.
- * @return buf on success.
- * @return NULL when t or buf is NULL, or len is less than 5.
- * @return NULL when ASN.1 TIME length is larger than len.
- * @return NULL when internal time format not valid.
- */
- char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len)
- {
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_string");
- /* Validate parameters. */
- if ((t == NULL) || (buf == NULL) || (len < 5)) {
- WOLFSSL_MSG("Bad argument");
- buf = NULL;
- }
- /* Check internal length against passed in length. */
- if ((buf != NULL) && (t->length > len)) {
- WOLFSSL_MSG("Length of date is longer then buffer");
- buf = NULL;
- }
- /* Get time as human readable string. */
- if ((buf != NULL) && !GetTimeString(t->data, t->type, buf, len)) {
- buf = NULL;
- }
- return buf;
- }
- /* Number of characters in a UTC TIME string. */
- #define UTCTIME_LEN 13
- /* Get year from UTC TIME string.
- *
- * @param [in] str UTC TIME string.
- * @param [in] len Length of string in bytes.
- * @param [out] year Year as extracted from string.
- * @return 1 on success.
- * @return 0 when length is too short for a UTC TIME.
- * @return 0 when not ZULU time.
- */
- static int wolfssl_utctime_year(const unsigned char* str, int len, int* year)
- {
- int ret = 1;
- /* Check minimal length for UTC TIME. */
- if (len < UTCTIME_LEN) {
- WOLFSSL_MSG("WOLFSSL_ASN1_TIME buffer length is invalid.");
- ret = 0;
- }
- /* Only support ZULU time. */
- if ((ret == 1) && (str[UTCTIME_LEN - 1] != 'Z')) {
- WOLFSSL_MSG("Expecting UTC time.");
- ret = 0;
- }
- if (ret == 1) {
- int tm_year;
- /* 2-digit year. */
- tm_year = (str[0] - '0') * 10;
- tm_year += str[1] - '0';
- /* Check for year being in the 2000s. */
- if (tm_year < 50) {
- tm_year += 100;
- }
- *year = tm_year;
- }
- return ret;
- }
- /* Number of characters in a GENERALIZED TIME string. */
- #define GENTIME_LEN 15
- /* Get year from GENERALIZED TIME string.
- *
- * @param [in] str GENERALIZED TIME string.
- * @param [in] len Length of string in bytes.
- * @param [out] year Year as extracted from string.
- * @return 1 on success.
- * @return 0 when length is too short for a GENERALIZED TIME.
- * @return 0 when not ZULU time.
- */
- static int wolfssl_gentime_year(const unsigned char* str, int len, int* year)
- {
- int ret = 1;
- /* Check minimal length for GENERALIZED TIME. */
- if (len < GENTIME_LEN) {
- WOLFSSL_MSG("WOLFSSL_ASN1_TIME buffer length is invalid.");
- ret = 0;
- }
- if ((ret == 1) && (str[GENTIME_LEN - 1] != 'Z')) {
- WOLFSSL_MSG("Expecting Generalized time.");
- ret = 0;
- }
- if (ret == 1) {
- int tm_year;
- /* 4-digit year. */
- tm_year = (str[0] - '0') * 1000;
- tm_year += (str[1] - '0') * 100;
- tm_year += (str[2] - '0') * 10;
- tm_year += str[3] - '0';
- /* Only need value to be years since 1900. */
- tm_year -= 1900;
- *year = tm_year;
- }
- return ret;
- }
- /* Convert an ASN.1 TIME to a struct tm.
- *
- * @param [in] asnTime ASN.1 TIME object.
- * @param [in] tm Broken-down time. Must be non-NULL.
- * @return 1 on success.
- * @return 0 when string format is invalid.
- */
- static int wolfssl_asn1_time_to_tm(const WOLFSSL_ASN1_TIME* asnTime,
- struct tm* tm)
- {
- int ret = 1;
- const unsigned char* asn1TimeBuf;
- int asn1TimeBufLen;
- int i = 0;
- #ifdef XMKTIME
- struct tm localTm;
- XMEMSET(&localTm, 0, sizeof localTm);
- #endif
- /* Get the string buffer - fixed array, can't fail. */
- asn1TimeBuf = wolfSSL_ASN1_TIME_get_data(asnTime);
- /* Get the length of the string. */
- asn1TimeBufLen = wolfSSL_ASN1_TIME_get_length(asnTime);
- if (asn1TimeBufLen <= 0) {
- WOLFSSL_MSG("Failed to get WOLFSSL_ASN1_TIME buffer length.");
- ret = 0;
- }
- if (ret == 1) {
- /* Zero out values in broken-down time. */
- XMEMSET(tm, 0, sizeof(struct tm));
- if (asnTime->type == V_ASN1_UTCTIME) {
- /* Get year from UTC TIME string. */
- int tm_year;
- if ((ret = wolfssl_utctime_year(asn1TimeBuf, asn1TimeBufLen,
- &tm_year)) == 1) {
- tm->tm_year = tm_year;
- /* Month starts after year - 2 characters. */
- i = 2;
- }
- }
- else if (asnTime->type == V_ASN1_GENERALIZEDTIME) {
- /* Get year from GENERALIZED TIME string. */
- int tm_year;
- if ((ret = wolfssl_gentime_year(asn1TimeBuf, asn1TimeBufLen,
- &tm_year)) == 1) {
- tm->tm_year = tm_year;
- /* Month starts after year - 4 characters. */
- i = 4;
- }
- }
- else {
- /* No other time formats known. */
- WOLFSSL_MSG("asnTime->type is invalid.");
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Fill in rest of broken-down time from string. */
- /* January is 0 not 1 */
- tm->tm_mon = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_mon += (asn1TimeBuf[i] - '0') - 1; i++;
- tm->tm_mday = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_mday += (asn1TimeBuf[i] - '0'); i++;
- tm->tm_hour = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_hour += (asn1TimeBuf[i] - '0'); i++;
- tm->tm_min = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_min += (asn1TimeBuf[i] - '0'); i++;
- tm->tm_sec = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_sec += (asn1TimeBuf[i] - '0');
- #ifdef XMKTIME
- XMEMCPY(&localTm, tm, sizeof(struct tm));
- /* Call XMKTIME on tm to get tm_wday and tm_yday fields populated.
- Note that localTm is used here to avoid modifying other fields,
- such as tm_isdst/tm_gmtoff. */
- XMKTIME(&localTm);
- tm->tm_wday = localTm.tm_wday;
- tm->tm_yday = localTm.tm_yday;
- #endif
- }
- return ret;
- }
- /* Get the current time into a broken-down time.
- *
- * @param [out] tm Broken-time time.
- * @return 1 on success.
- * @return 0 when tm is NULL.
- * @return 0 when get current time fails.
- * @return 0 when converting Unix time to broken-down time fails.
- */
- static int wolfssl_get_current_time_tm(struct tm* tm)
- {
- int ret = 1;
- time_t currentTime;
- struct tm *tmpTs;
- #if defined(NEED_TMP_TIME)
- /* for use with gmtime_r */
- struct tm tmpTimeStorage;
- tmpTs = &tmpTimeStorage;
- #else
- tmpTs = NULL;
- #endif
- (void)tmpTs;
- /* Must have a pointer to return result into. */
- if (tm == NULL) {
- WOLFSSL_MSG("asnTime and tm are both NULL");
- ret = 0;
- }
- if (ret == 1) {
- /* Get current Unix Time GMT. */
- currentTime = wc_Time(0);
- if (currentTime <= 0) {
- WOLFSSL_MSG("Failed to get current time.");
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Convert Unix Time GMT into broken-down time. */
- tmpTs = XGMTIME(¤tTime, tmpTs);
- if (tmpTs == NULL) {
- WOLFSSL_MSG("Failed to convert current time to UTC.");
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Copy from the structure returned into parameter. */
- XMEMCPY(tm, tmpTs, sizeof(*tm));
- }
- return ret;
- }
- /* Convert ASN.1 TIME object's time into broken-down representation.
- *
- * Internal time string is checked when tm is NULL.
- *
- * @param [in] asnTime ASN.1 TIME object.
- * @param [out] tm Broken-down time.
- * @return 1 on success.
- * @return 0 when asnTime is NULL and tm is NULL.
- * @return 0 getting current time fails.
- * @return 0 when internal time string is invalid.
- */
- int wolfSSL_ASN1_TIME_to_tm(const WOLFSSL_ASN1_TIME* asnTime, struct tm* tm)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_tm");
- /* If asnTime is NULL, then the current time is converted. */
- if (asnTime == NULL) {
- ret = wolfssl_get_current_time_tm(tm);
- }
- /* If tm is NULL this function performs a format check on asnTime only. */
- else if (tm == NULL) {
- ret = wolfSSL_ASN1_TIME_check(asnTime);
- }
- else {
- /* Convert ASN.1 TIME to broken-down time. */
- ret = wolfssl_asn1_time_to_tm(asnTime, tm);
- }
- return ret;
- }
- #ifndef NO_BIO
- /* Print the ASN.1 TIME object as a string to BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] asnTime ASN.1 TIME object.
- * @return 1 on success.
- * @return 0 when bio or asnTime is NULL.
- * @return 0 when creating human readable string fails.
- * @return 0 when writing to BIO fails.
- */
- int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_print");
- /* Validate parameters. */
- if ((bio == NULL) || (asnTime == NULL)) {
- WOLFSSL_MSG("NULL function argument");
- ret = 0;
- }
- if (ret == 1) {
- char buf[MAX_TIME_STRING_SZ];
- int len;
- /* Create human readable string. */
- if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)asnTime, buf,
- sizeof(buf)) == NULL) {
- /* Write out something anyway but return error. */
- XMEMSET(buf, 0, MAX_TIME_STRING_SZ);
- XSTRNCPY(buf, "Bad time value", sizeof(buf)-1);
- ret = 0;
- }
- /* Write out string. */
- len = (int)XSTRLEN(buf);
- if (wolfSSL_BIO_write(bio, buf, len) != len) {
- WOLFSSL_MSG("Unable to write to bio");
- ret = 0;
- }
- }
- return ret;
- }
- #endif /* !NO_BIO */
- #endif /* WOLFSSL_MYSQL_COMPATIBLE || OPENSSL_EXTRA */
- #ifdef OPENSSL_EXTRA
- #ifndef NO_BIO
- /* Print the ASN.1 UTC TIME object as a string to BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] asnTime ASN.1 UTC TIME object.
- * @return 1 on success.
- * @return 0 when bio or asnTime is NULL.
- * @return 0 when ASN.1 type is not UTC TIME.
- * @return 0 when creating human readable string fails.
- * @return 0 when writing to BIO fails.
- */
- int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_UTCTIME_print");
- /* Validate parameters. */
- if ((bio == NULL) || (a == NULL)) {
- ret = 0;
- }
- /* Validate ASN.1 UTC TIME object is of type UTC_TIME. */
- if ((ret == 1) && (a->type != V_ASN1_UTCTIME)) {
- WOLFSSL_MSG("Error, not UTC_TIME");
- ret = 0;
- }
- if (ret == 1) {
- /* Use generic time printing function to do work. */
- ret = wolfSSL_ASN1_TIME_print(bio, a);
- }
- return ret;
- }
- #endif /* !NO_BIO */
- #endif /* OPENSSL_EXTRA */
- #endif /* !NO_ASN_TIME */
- /*******************************************************************************
- * ASN1_TYPE APIs
- ******************************************************************************/
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /**
- * Allocate a new ASN.1 TYPE object.
- *
- * @return New empty ASN.1 TYPE object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_TYPE* wolfSSL_ASN1_TYPE_new(void)
- {
- WOLFSSL_ASN1_TYPE* ret;
- /* Allocate a new ASN.1 TYPE object. */
- ret = (WOLFSSL_ASN1_TYPE*)XMALLOC(sizeof(WOLFSSL_ASN1_TYPE), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (ret != NULL) {
- /* Clear out fields. */
- XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TYPE));
- }
- return ret;
- }
- /* Free the ASN.1 TYPE object's value field.
- *
- * @param [in, out] at ASN.1 TYPE object.
- */
- static void wolfssl_asn1_type_free_value(WOLFSSL_ASN1_TYPE* at)
- {
- switch (at->type) {
- case V_ASN1_NULL:
- break;
- case V_ASN1_OBJECT:
- wolfSSL_ASN1_OBJECT_free(at->value.object);
- break;
- case V_ASN1_UTCTIME:
- #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
- wolfSSL_ASN1_TIME_free(at->value.utctime);
- #endif
- break;
- case V_ASN1_GENERALIZEDTIME:
- #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
- wolfSSL_ASN1_TIME_free(at->value.generalizedtime);
- #endif
- break;
- case V_ASN1_UTF8STRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_SEQUENCE:
- wolfSSL_ASN1_STRING_free(at->value.asn1_string);
- break;
- default:
- break;
- }
- }
- /**
- * Free ASN.1 TYPE object and its value.
- *
- * @param [in, out] at ASN.1 TYPE object.
- */
- void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at)
- {
- if (at != NULL) {
- /* Dispose of value in ASN.1 TYPE object. */
- wolfssl_asn1_type_free_value(at);
- }
- /* Dispose of ASN.1 TYPE object. */
- XFREE(at, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS) || \
- defined(WOLFSSL_WPAS_SMALL)
- /**
- * Set ASN.1 TYPE object with a type and value.
- *
- * Type of value for different types:
- * V_ASN1_NULL : Value should be NULL.
- * V_ASN1_OBJECT : WOLFSSL_ASN1_OBJECT.
- * V_ASN1_UTCTIME : WOLFSSL_ASN1_TIME.
- * V_ASN1_GENERALIZEDTIME : WOLFSSL_ASN1_TIME.
- * V_ASN1_UTF8STRING : WOLFSSL_ASN1_STRING.
- * V_ASN1_PRINTABLESTRING : WOLFSSL_ASN1_STRING.
- * V_ASN1_T61STRING : WOLFSSL_ASN1_STRING.
- * V_ASN1_IA5STRING : WOLFSSL_ASN1_STRING.
- * V_ASN1_UNINVERSALSTRING: WOLFSSL_ASN1_STRING.
- * V_ASN1_SEQUENCE : WOLFSSL_ASN1_STRING.
- *
- * @param [in, out] a ASN.1 TYPE object to set.
- * @param [in] type ASN.1 type of value.
- * @param [in] value Value to store.
- */
- void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value)
- {
- if (a != NULL) {
- switch (type) {
- case V_ASN1_NULL:
- if (value != NULL) {
- WOLFSSL_MSG("NULL tag meant to be always empty!");
- /* No way to return error - value will not be used. */
- }
- FALL_THROUGH;
- case V_ASN1_OBJECT:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_UTF8STRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_SEQUENCE:
- /* Dispose of any value currently set. */
- wolfssl_asn1_type_free_value(a);
- /* Assign anonymously typed input to anonymously typed field. */
- a->value.ptr = (char *)value;
- /* Set the type required. */
- a->type = type;
- break;
- default:
- WOLFSSL_MSG("Unknown or unsupported ASN1_TYPE");
- /* No way to return error. */
- }
- }
- }
- #endif /* OPENSSL_ALL || OPENSSL_EXTRA || WOLFSSL_WPAS */
- #endif /* !NO_ASN */
- #endif /* !WOLFSSL_SSL_ASN1_INCLUDED */
|