1
0

asn1.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510
  1. /* asn1.c
  2. *
  3. * Copyright (C) 2006-2023 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. #ifdef HAVE_CONFIG_H
  22. #include <config.h>
  23. #endif
  24. #ifndef WOLFSSL_USER_SETTINGS
  25. #include <wolfssl/options.h>
  26. #endif
  27. #include <wolfssl/wolfcrypt/settings.h>
  28. #include <wolfssl/wolfcrypt/asn_public.h>
  29. #include <wolfssl/wolfcrypt/coding.h>
  30. #include <wolfssl/wolfcrypt/error-crypt.h>
  31. #include <stdio.h>
  32. #if defined(WOLFSSL_ASN_PRINT) && !defined(NO_FILESYSTEM)
  33. /* Increment allocated data by this much. */
  34. #define DATA_INC_LEN 256
  35. /* File format is DER/BER. */
  36. #define FORMAT_DER 0
  37. /* File format is BASE64. */
  38. #define FORMAT_BASE64 1
  39. /* File format is PEM. */
  40. #define FORMAT_PEM 2
  41. /* ASN.1 print options. */
  42. static Asn1PrintOptions opts;
  43. /* ASN.1 parsing state. */
  44. static Asn1 asn1;
  45. /* Read the contents of a file into a dynamically allocated buffer.
  46. *
  47. * Uses realloc as input may be stdin.
  48. *
  49. * @param [in] fp File pointer to read from.
  50. * @param [out] pdata Pointer to data.
  51. * @param [out] plen Pointer to length.
  52. * @return 0 on success.
  53. * @return 1 on failure.
  54. */
  55. static int asn1App_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
  56. {
  57. int ret = 0;
  58. word32 len = 0;
  59. size_t read_len;
  60. /* Allocate a minimum amount. */
  61. unsigned char* data = (unsigned char*)malloc(DATA_INC_LEN);
  62. if (data != NULL) {
  63. /* Read more data. */
  64. while ((read_len = fread(data + len, 1, DATA_INC_LEN, fp)) != 0) {
  65. unsigned char* p;
  66. /* Add read data amount to length. */
  67. len += (word32)read_len;
  68. /* Stop if we are at end-of-file. */
  69. if (feof(fp)) {
  70. break;
  71. }
  72. /* Make space for more data to be added to buffer. */
  73. p = (unsigned char*)realloc(data, len + DATA_INC_LEN);
  74. if (p == NULL) {
  75. /* Reallocation failed - free current buffer. */
  76. free(data);
  77. data = NULL;
  78. break;
  79. }
  80. /* Set data to new pointer. */
  81. data = p;
  82. }
  83. }
  84. if (data != NULL) {
  85. /* Return data and length. */
  86. *pdata = data;
  87. *plen = len;
  88. }
  89. else {
  90. /* Failed to allocate data. */
  91. ret = MEMORY_E;
  92. }
  93. return ret;
  94. }
  95. /* Print ASN.1 of a file containing BER/DER data.
  96. *
  97. * @param [in] fp File pointer to read from.
  98. * @return 0 on success.
  99. * @return 1 on failure.
  100. */
  101. static int PrintDer(FILE* fp)
  102. {
  103. int ret = 0;
  104. word32 len = 0;
  105. unsigned char* data = NULL;
  106. /* Load DER/BER file. */
  107. if (asn1App_ReadFile(fp, &data, &len) != 0) {
  108. ret = 1;
  109. }
  110. if ((ret == 0) && (data != NULL)) {
  111. /* Print DER/BER. */
  112. ret = wc_Asn1_PrintAll(&asn1, &opts, data, len);
  113. /* Dispose of buffer. */
  114. free(data);
  115. }
  116. return ret;
  117. }
  118. #ifndef NO_CODING
  119. /* Print ASN.1 of a file containing Base64 encoding of BER/DER data.
  120. *
  121. * @param [in] fp File pointer to read from.
  122. * @return 0 on success.
  123. * @return 1 on failure.
  124. */
  125. static int PrintBase64(FILE* fp)
  126. {
  127. int ret = 0;
  128. word32 len = 0;
  129. unsigned char* data = NULL;
  130. /* Load Base64 encoded file. */
  131. if (asn1App_ReadFile(fp, &data, &len) != 0) {
  132. ret = 1;
  133. }
  134. if ((ret == 0) && (data != NULL)) {
  135. /* Decode Base64. */
  136. if (Base64_Decode(data, len, data, &len) != 0) {
  137. fprintf(stderr, "Invalid Base64 encoding\n");
  138. ret = 1;
  139. }
  140. if (ret == 0) {
  141. /* Print DER/BER. */
  142. ret = wc_Asn1_PrintAll(&asn1, &opts, data, len);
  143. }
  144. /* Dispose of buffer. */
  145. free(data);
  146. }
  147. return ret;
  148. }
  149. /* Find the next PEM block.
  150. *
  151. * @param [in] data PEM data.
  152. * @param [in] offset Offset into data to start looking.
  153. * @param [in] len Length of PEM data.
  154. * @param [out] start Start of Base64 encoding.
  155. * @param [out] end End of Base64 encoding.
  156. */
  157. static int FindPem(unsigned char* data, word32 offset, word32 len,
  158. word32* start, word32* end)
  159. {
  160. int ret = 0;
  161. word32 i = 0;
  162. word32 j = 0;
  163. /* Find header. */
  164. for (i = offset; i < len; i++) {
  165. if ((data[i] == '-') &&
  166. (strncmp((char*)data + i, "-----BEGIN", 10) == 0)) {
  167. break;
  168. }
  169. }
  170. if (i == len) {
  171. /* Got to end without finding PEM header. */
  172. fprintf(stderr, "No PEM header found\n");
  173. ret = 1;
  174. }
  175. if (ret == 0) {
  176. /* Confirm header. */
  177. for (i += 10; i < len; i++) {
  178. if ((data[i] == '-') &&
  179. (strncmp((char*)data + i, "-----", 5) == 0)) {
  180. break;
  181. }
  182. }
  183. if (i == len) {
  184. /* Got to end without finding rest of PEM header. */
  185. fprintf(stderr, "Invalid PEM header\n");
  186. ret = 1;
  187. }
  188. }
  189. if (ret == 0) {
  190. /* Find footer. */
  191. i += 6;
  192. for (j = i + 1; j < len; j++) {
  193. if ((data[j] == '-') &&
  194. (strncmp((char*)data + j, "-----END", 8) == 0)) {
  195. break;
  196. }
  197. }
  198. if (j == len) {
  199. /* Got to end without finding PEM footer. */
  200. fprintf(stderr, "No PEM footer found\n");
  201. ret = 1;
  202. }
  203. }
  204. if (ret == 0) {
  205. /* Return start and end indices. */
  206. *start = i;
  207. *end = j;
  208. }
  209. return ret;
  210. }
  211. /* Print ASN.1 of file containing PEM.
  212. *
  213. * Only one block is printed.
  214. *
  215. * @param [in] fp File pointer to read from.
  216. * @param [in] pem_skip Number of PEM blocks to skip.
  217. * @return 0 on success.
  218. * @return 1 on failure.
  219. */
  220. static int PrintPem(FILE* fp, int pem_skip)
  221. {
  222. int ret = 0;
  223. unsigned char* data = NULL;
  224. word32 len = 0;
  225. /* Load PEM file. */
  226. if (asn1App_ReadFile(fp, &data, &len) != 0) {
  227. ret = 1;
  228. }
  229. if ((ret == 0) && (data != NULL)) {
  230. word32 i = 0;
  231. word32 j = 0;
  232. /* Find PEM blocks and skip number requested. */
  233. do {
  234. /* Find start and end of PEM Base64 data. */
  235. ret = FindPem(data, j, len, &i, &j);
  236. } while ((ret == 0) && ((pem_skip--) != 0));
  237. /* Decode data between header and footer. */
  238. if ((ret == 0) && (Base64_Decode(data + i, j - i, data, &len) != 0)) {
  239. fprintf(stderr, "Invalid Base64 encoding\n");
  240. ret = 1;
  241. }
  242. if (ret == 0) {
  243. /* Print DER/BER. */
  244. ret = wc_Asn1_PrintAll(&asn1, &opts, data, len);
  245. }
  246. /* Dispose of buffer. */
  247. free(data);
  248. }
  249. return ret;
  250. }
  251. #endif
  252. /* Usage lines to show. */
  253. const char* usage[] = {
  254. "asn1 [OPTION]... [FILE]",
  255. "Display a human-readable version of a DER/BER encoding.",
  256. "",
  257. "Options:",
  258. " -?, --help display this help and exit",
  259. " -b, --branch draw branches before tag name",
  260. #ifndef NO_CODING
  261. " -B, --base64 file contents are Base64 encoded",
  262. #endif
  263. " -d, --dump show all ASN.1 item data as a hex dump",
  264. " -h, --headers show all ASN.1 item headers as a hex dump",
  265. " -i, --indent indent tag name with depth",
  266. " -l, --length LEN display length bytes of data",
  267. " -n, --no-text do not show data as text",
  268. " -N, --no-dump-text do not show data as a hex dump text",
  269. " -o, --offset OFFSET start decoding from offset",
  270. " -O, --oid show wolfSSL OID value in text",
  271. #ifndef NO_CODING
  272. " -p, --pem file contents are PEM",
  273. #endif
  274. " -s, --skip-pem NUM number of PEM blocks to skip",
  275. };
  276. /* Number of usage lines. */
  277. #define USAGE_SZ ((int)(sizeof(usage) / sizeof(*usage)))
  278. /* Print out usage lines.
  279. */
  280. static void Usage(void)
  281. {
  282. int i;
  283. for (i = 0; i < USAGE_SZ; i++) {
  284. printf("%s\n", usage[i]);
  285. }
  286. }
  287. /* Main entry of ASN.1 printing program.
  288. *
  289. * @param [in] argc Count of command line arguments.
  290. * @param [in] argv Command line arguments.
  291. * @return 0 on success.
  292. * @return 1 on failure.
  293. */
  294. int main(int argc, char* argv[])
  295. {
  296. int ret = 0;
  297. /* Default to reading STDIN. */
  298. FILE* fp = stdin;
  299. int file_format = FORMAT_DER;
  300. word32 indent = 0;
  301. int pem_skip = 0;
  302. /* Reset options. */
  303. (void)wc_Asn1PrintOptions_Init(&opts);
  304. /* Skip over program name. */
  305. argc--;
  306. argv++;
  307. while (argc > 0) {
  308. /* Show branches instead of indenting. */
  309. if ((strcmp(argv[0], "-b") == 0) ||
  310. (strcmp(argv[0], "--branch") == 0)) {
  311. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_DRAW_BRANCH, 1);
  312. }
  313. #ifndef NO_CODING
  314. /* File is Base64 encoded data. */
  315. else if ((strcmp(argv[0], "-b64") == 0) ||
  316. (strcmp(argv[0], "--base64") == 0)) {
  317. file_format = FORMAT_BASE64;
  318. }
  319. #endif
  320. /* Dump all ASN.1 item data. */
  321. else if ((strcmp(argv[0], "-d") == 0) ||
  322. (strcmp(argv[0], "--dump") == 0)) {
  323. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_DATA, 1);
  324. }
  325. /* Dump ASN.1 item headers. */
  326. else if ((strcmp(argv[0], "-h") == 0) ||
  327. (strcmp(argv[0], "--headers") == 0)) {
  328. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_HEADER_DATA, 1);
  329. }
  330. /* Indent to text to indicate depth. */
  331. else if ((strcmp(argv[0], "-i") == 0) ||
  332. (strcmp(argv[0], "--indent") == 0)) {
  333. indent++;
  334. if (indent > 15) {
  335. }
  336. }
  337. /* Only parse the specified length of DER/BER data. */
  338. else if ((strcmp(argv[0], "-l") == 0) ||
  339. (strcmp(argv[0], "--length") == 0)) {
  340. if (argc == 1) {
  341. printf("Missing length value\n");
  342. return 1;
  343. }
  344. argc--;
  345. argv++;
  346. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_LENGTH,
  347. (word32)atoi(argv[0]));
  348. }
  349. /* Do not show text representations of ASN.1 item data. */
  350. else if ((strcmp(argv[0], "-n") == 0) ||
  351. (strcmp(argv[0], "--no-text") == 0)) {
  352. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_NO_TEXT, 1);
  353. }
  354. /* Do not show hex dump text representations of ASN.1 item data. */
  355. else if ((strcmp(argv[0], "-N") == 0) ||
  356. (strcmp(argv[0], "--no-dump-text") == 0)) {
  357. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_NO_DUMP_TEXT, 1);
  358. }
  359. /* Offset into DER/BER to start decoding from. */
  360. else if ((strcmp(argv[0], "-o") == 0) ||
  361. (strcmp(argv[0], "--offset") == 0)) {
  362. if (argc == 1) {
  363. fprintf(stderr, "Missing offset value\n");
  364. return 1;
  365. }
  366. argc--;
  367. argv++;
  368. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_OFFSET,
  369. (word32)atoi(argv[0]));
  370. }
  371. /* Show wolfSSL OID value for all OBJECT_IDs. */
  372. else if ((strcmp(argv[0], "-O") == 0) ||
  373. (strcmp(argv[0], "--oid") == 0)) {
  374. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_OID, 1);
  375. }
  376. #ifndef NO_CODING
  377. /* File contains PEM blocks. */
  378. else if ((strcmp(argv[0], "-p") == 0) ||
  379. (strcmp(argv[0], "--pem") == 0)) {
  380. file_format = FORMAT_PEM;
  381. }
  382. #endif
  383. /* Skip a number of PEM blocks. */
  384. else if ((strcmp(argv[0], "-s") == 0) ||
  385. (strcmp(argv[0], "--skip-pem") == 0)) {
  386. if (argc == 1) {
  387. fprintf(stderr, "Missing number of PEM blocks to skip\n");
  388. return 1;
  389. }
  390. argc--;
  391. argv++;
  392. pem_skip = atoi(argv[0]);
  393. if ((pem_skip < 0) || (pem_skip > 15)) {
  394. fprintf(stderr, "Skip value out of range: %d\n", pem_skip);
  395. return 1;
  396. }
  397. }
  398. /* Display help/usage. */
  399. else if ((strcmp(argv[0], "-?") == 0) ||
  400. (strcmp(argv[0], "--help") == 0)) {
  401. Usage();
  402. return 0;
  403. }
  404. /* Unknown option detection. */
  405. else if (argv[0][0] == '-') {
  406. fprintf(stderr, "Bad option: %s\n", argv[0]);
  407. Usage();
  408. return 1;
  409. }
  410. else {
  411. /* Name of file to read. */
  412. fp = fopen(argv[0], "r");
  413. if (fp == NULL) {
  414. fprintf(stderr, "File not able to be read: %s\n", argv[0]);
  415. return 1;
  416. }
  417. }
  418. /* Move on to next command line argument. */
  419. argc--;
  420. argv++;
  421. }
  422. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_INDENT, indent);
  423. (void)wc_Asn1_Init(&asn1);
  424. (void)wc_Asn1_SetFile(&asn1, stdout);
  425. /* Process file based on type. */
  426. if (file_format == FORMAT_DER) {
  427. ret = PrintDer(fp);
  428. }
  429. #ifndef NO_CODING
  430. else if (file_format == FORMAT_BASE64) {
  431. ret = PrintBase64(fp);
  432. }
  433. #endif
  434. #ifndef NO_CODING
  435. else if (file_format == FORMAT_PEM) {
  436. ret = PrintPem(fp, pem_skip);
  437. }
  438. #endif
  439. if (ret != 0) {
  440. fprintf(stderr, "%s\n", wc_GetErrorString(ret));
  441. }
  442. if (fp != stdin) {
  443. fclose(fp);
  444. }
  445. return (ret == 0) ? 0 : 1;
  446. }
  447. #else
  448. /* Main entry of ASN.1 printing program.
  449. *
  450. * @param [in] argc Count of command line arguments.
  451. * @param [in] argv Command line arguments.
  452. * @return 0 on success.
  453. * @return 1 on failure.
  454. */
  455. int main(int argc, char* argv[])
  456. {
  457. (void)argc;
  458. (void)argv;
  459. fprintf(stderr, "ASN.1 Parsing and Printing or file system not compiled"
  460. " in.\n");
  461. return 0;
  462. }
  463. #endif /* WOLFSSL_ASN_PRINT && !defined(NO_FILESYSTEM)*/