  1. /* asn1.c
  2. *
  3. * Copyright (C) 2006-2024 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. #ifdef HAVE_CONFIG_H
  22. #include <config.h>
  23. #endif
  24. #ifndef WOLFSSL_USER_SETTINGS
  25. #include <wolfssl/options.h>
  26. #endif
  27. #include <wolfssl/wolfcrypt/settings.h>
  28. #include <wolfssl/wolfcrypt/asn_public.h>
  29. #include <wolfssl/wolfcrypt/coding.h>
  30. #include <wolfssl/wolfcrypt/error-crypt.h>
  31. #include <stdio.h>
  32. #if defined(WOLFSSL_ASN_PRINT) && !defined(NO_FILESYSTEM)
  /* Buffer growth step and input-format selectors used by this program. */
  enum {
      /* Number of bytes the read buffer grows by on each step. */
      DATA_INC_LEN  = 256,
      /* Input file holds raw DER/BER. */
      FORMAT_DER    = 0,
      /* Input file holds Base64 encoded data. */
      FORMAT_BASE64 = 1,
      /* Input file holds PEM. */
      FORMAT_PEM    = 2
  };
  /* ASN.1 print options.
   *
   * File scope so that the Print* helpers can hand it to wc_Asn1_PrintAll().
   * main() resets it with wc_Asn1PrintOptions_Init() and then fills it in from
   * the command line.
   */
  static Asn1PrintOptions opts;
  /* ASN.1 parsing state.
   *
   * main() calls wc_Asn1_Init() and wc_Asn1_SetFile(&asn1, stdout) on it before
   * any Print* helper passes it to wc_Asn1_PrintAll().
   */
  static Asn1 asn1;
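  /* Read the contents of a file into a dynamically allocated buffer.
   *
   * The buffer is grown with realloc in DATA_INC_LEN steps as input may be
   * stdin and so the size is not known up front.
   *
   * The input is untrusted. The length is tracked in a word32, so input that
   * would make the next buffer size wrap is rejected instead of being read
   * into an undersized allocation.
   *
   * On failure nothing is left allocated and *pdata and *plen are not written.
   * On success the caller owns *pdata and must XFREE it.
   *
   * @param [in]  fp     File pointer to read from.
   * @param [out] pdata  Pointer to data.
   * @param [out] plen   Pointer to length.
   * @return 0 on success.
   * @return IO_FAILED_E when reading the file fails.
   * @return MEMORY_E when dynamic memory allocation fails.
   * @return BUFFER_E when the input is too large for a word32 length.
   */
  static int asn1App_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
  {
      /* Largest length that can still be grown by one more increment. */
      const word32 max_len = ~(word32)0 - DATA_INC_LEN;
      word32 len = 0;
      size_t read_len;
      /* Allocate a minimum amount. */
      unsigned char* data = (unsigned char*)XMALLOC(DATA_INC_LEN, NULL,
          DYNAMIC_TYPE_TMP_BUFFER);

      if (data == NULL) {
          return MEMORY_E;
      }

      for (;;) {
          unsigned char* p;

          /* There are always DATA_INC_LEN bytes of space after len. */
          read_len = fread(data + len, 1, DATA_INC_LEN, fp);
          /* Check for errors even when nothing was read - a failed first read
           * must not be reported as an empty file. */
          if (ferror(fp)) {
              XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
              return IO_FAILED_E;
          }
          /* Add read data amount to length. */
          len += (word32)read_len;
          /* Stop when nothing more was read or we are at end-of-file. */
          if ((read_len == 0) || feof(fp)) {
              break;
          }
          /* Refuse to grow when len + DATA_INC_LEN would wrap. */
          if (len > max_len) {
              XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
              return BUFFER_E;
          }
          /* Make space for more data to be added to buffer. */
          p = (unsigned char*)XREALLOC(data, len + DATA_INC_LEN, NULL,
              DYNAMIC_TYPE_TMP_BUFFER);
          if (p == NULL) {
              /* Reallocation failed - free current buffer. */
              XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
              return MEMORY_E;
          }
          /* Set data to new pointer. */
          data = p;
      }

      /* Return data and length. */
      *pdata = data;
      *plen = len;
      return 0;
  }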
  /* Print ASN.1 of a file containing BER/DER data.
   *
   * The whole file is loaded into memory, handed to wc_Asn1_PrintAll() and the
   * buffer is freed again before returning.
   *
   * @param [in] fp  File pointer to read from.
   * @return 0 on success.
   * @return 1 when the file could not be loaded.
   * @return Otherwise the value returned by wc_Asn1_PrintAll().
   */
  static int PrintDer(FILE* fp)
  {
      unsigned char* der = NULL;
      word32 der_len = 0;
      int ret;

      /* Load DER/BER file - the reader's own error code is not passed on. */
      if (asn1App_ReadFile(fp, &der, &der_len) != 0) {
          return 1;
      }
      /* Nothing to print or free when no buffer came back. */
      if (der == NULL) {
          return 0;
      }

      /* Print DER/BER and then dispose of the buffer. */
      ret = wc_Asn1_PrintAll(&asn1, &opts, der, der_len);
      XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);

      return ret;
  }
  122. #ifndef NO_CODING
  /* Print ASN.1 of a file containing Base64 encoding of BER/DER data.
   *
   * The file is loaded, decoded into the same buffer it was read into and the
   * decoded bytes are printed.
   *
   * @param [in] fp  File pointer to read from.
   * @return 0 on success.
   * @return 1 when the file could not be loaded or is not valid Base64.
   * @return Otherwise the value returned by wc_Asn1_PrintAll().
   */
  static int PrintBase64(FILE* fp)
  {
      unsigned char* buf = NULL;
      word32 buf_len = 0;
      int ret;

      /* Load Base64 encoded file. */
      if (asn1App_ReadFile(fp, &buf, &buf_len) != 0) {
          return 1;
      }
      if (buf == NULL) {
          return 0;
      }

      /* Input and output are the same buffer and buf_len is both the input
       * length and the output size.
       * NOTE(review): relies on Base64_Decode() supporting in == out - confirm.
       */
      if (Base64_Decode(buf, buf_len, buf, &buf_len) == 0) {
          /* Print DER/BER. */
          ret = wc_Asn1_PrintAll(&asn1, &opts, buf, buf_len);
      }
      else {
          fprintf(stderr, "Invalid Base64 encoding\n");
          ret = 1;
      }

      /* Dispose of buffer. */
      XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);

      return ret;
  }
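  /* Find the next PEM block.
   *
   * The data comes from an untrusted file and is not NUL terminated, so every
   * marker comparison is made only when that many bytes remain before len, and
   * every index is checked with >= so that stepping past the end of the data
   * is reported as a failure rather than returned as a valid range.
   *
   * On failure a message is written to stderr and start/end are not written.
   *
   * @param [in]  data    PEM data.
   * @param [in]  offset  Offset into data to start looking.
   * @param [in]  len     Length of PEM data.
   * @param [out] start   Start of Base64 encoding.
   * @param [out] end     End of Base64 encoding - index of the footer.
   * @return 0 when a block is found.
   * @return 1 when the header or footer is missing or incomplete.
   */
  static int FindPem(unsigned char* data, word32 offset, word32 len,
      word32* start, word32* end)
  {
      int ret = 0;
      word32 i = 0;
      word32 j = 0;

      /* Find header. */
      for (i = offset; i < len; i++) {
          if ((data[i] == '-') && (len - i >= 10) &&
                  (strncmp((char*)data + i, "-----BEGIN", 10) == 0)) {
              break;
          }
      }
      if (i >= len) {
          /* Got to end without finding PEM header. */
          fprintf(stderr, "No PEM header found\n");
          ret = 1;
      }
      if (ret == 0) {
          /* Confirm header - at least 10 bytes remain at i here. */
          for (i += 10; i < len; i++) {
              if ((data[i] == '-') && (len - i >= 5) &&
                      (strncmp((char*)data + i, "-----", 5) == 0)) {
                  break;
              }
          }
          if (i >= len) {
              /* Got to end without finding rest of PEM header. */
              fprintf(stderr, "Invalid PEM header\n");
              ret = 1;
          }
      }
      if (ret == 0) {
          /* Find footer. */
          j = len;
          /* Only step forward when there is data beyond the step, otherwise
           * the indices would land past the end of the data. */
          if (len - i > 7) {
              /* Step over the five dashes and one more character, taken to
               * be the end-of-line. */
              i += 6;
              for (j = i + 1; j < len; j++) {
                  if ((data[j] == '-') && (len - j >= 8) &&
                          (strncmp((char*)data + j, "-----END", 8) == 0)) {
                      break;
                  }
              }
          }
          if (j >= len) {
              /* Got to end without finding PEM footer. */
              fprintf(stderr, "No PEM footer found\n");
              ret = 1;
          }
      }
      if (ret == 0) {
          /* Return start and end indices. */
          *start = i;
          *end = j;
      }

      return ret;
  }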
  /* Print ASN.1 of file containing PEM.
   *
   * Only one block is printed: the one found after skipping pem_skip blocks.
   * The Base64 data between header and footer is decoded to the front of the
   * buffer the file was read into.
   *
   * @param [in] fp        File pointer to read from.
   * @param [in] pem_skip  Number of PEM blocks to skip.
   * @return 0 on success.
   * @return 1 when the file could not be loaded, no PEM block was found or the
   *         block is not valid Base64.
   * @return Otherwise the value returned by wc_Asn1_PrintAll().
   */
  static int PrintPem(FILE* fp, int pem_skip)
  {
      unsigned char* pem = NULL;
      word32 pem_len = 0;
      word32 b64_start = 0;
      word32 b64_end = 0;
      int ret;

      /* Load PEM file. */
      if (asn1App_ReadFile(fp, &pem, &pem_len) != 0) {
          return 1;
      }
      if (pem == NULL) {
          return 0;
      }

      /* Find PEM blocks, each search starting at the previous footer, until
       * the requested number have been skipped or none is left. */
      for (;;) {
          ret = FindPem(pem, b64_end, pem_len, &b64_start, &b64_end);
          if ((ret != 0) || ((pem_skip--) == 0)) {
              break;
          }
      }

      if (ret == 0) {
          /* Decode data between header and footer. */
          if (Base64_Decode(pem + b64_start, b64_end - b64_start, pem,
                  &pem_len) != 0) {
              fprintf(stderr, "Invalid Base64 encoding\n");
              ret = 1;
          }
          else {
              /* Print DER/BER. */
              ret = wc_Asn1_PrintAll(&asn1, &opts, pem, pem_len);
          }
      }

      /* Dispose of buffer. */
      XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);

      return ret;
  }
  255. #endif
  /* Help text, one entry per output line. Entries for Base64 and PEM input are
   * only present when coding support is compiled in. */
  const char* usage[] = {
      "asn1 [OPTION]... [FILE]",
      "Display a human-readable version of a DER/BER encoding.",
      "",
      "Options:",
      " -?, --help display this help and exit",
      " -b, --branch draw branches before tag name",
  #ifndef NO_CODING
      " -B, --base64 file contents are Base64 encoded",
  #endif
      " -d, --dump show all ASN.1 item data as a hex dump",
      " -h, --headers show all ASN.1 item headers as a hex dump",
      " -i, --indent indent tag name with depth",
      " -l, --length LEN display length bytes of data",
      " -n, --no-text do not show data as text",
      " -N, --no-dump-text do not show data as a hex dump text",
      " -o, --offset OFFSET start decoding from offset",
      " -O, --oid show wolfSSL OID value in text",
  #ifndef NO_CODING
      " -p, --pem file contents are PEM",
  #endif
      " -s, --skip-pem NUM number of PEM blocks to skip",
  };
  /* Count of entries in the help text, as an int for use as a loop bound. */
  #define USAGE_SZ ((int)(sizeof(usage) / sizeof(usage[0])))
  /* Write every line of the help text to stdout, each followed by a newline.
   */
  static void Usage(void)
  {
      int line = 0;

      while (line < USAGE_SZ) {
          puts(usage[line]);
          line++;
      }
  }
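  /* Parse a non-negative decimal command line value.
   *
   * Unlike atoi(), text that is not a number, has trailing characters or is
   * negative is rejected rather than being turned into 0 or a huge unsigned
   * value.
   *
   * @param [in]  str  Command line argument to parse.
   * @param [out] val  Parsed value. Only written on success.
   * @return 0 on success.
   * @return 1 when str is not a decimal number in the range 0..0x7fffffff.
   */
  static int asn1App_ParseNum(const char* str, word32* val)
  {
      char* end = NULL;
      long num = strtol(str, &end, 10);

      /* The unsigned comparison rejects negative values as well as those
       * larger than the maximum. */
      if ((end == str) || (*end != '\0') ||
              ((unsigned long)num > 0x7fffffffUL)) {
          return 1;
      }

      *val = (word32)num;
      return 0;
  }

  /* Main entry of ASN.1 printing program.
   *
   * Options are processed in order. At most one input file may be named; when
   * none is named the input is read from stdin. Numeric option values are
   * validated before use as they size and position the decode of an untrusted
   * file.
   *
   * @param [in] argc  Count of command line arguments.
   * @param [in] argv  Command line arguments.
   * @return 0 on success.
   * @return 1 on failure.
   */
  int main(int argc, char* argv[])
  {
      int ret = 0;
      /* Default to reading STDIN. */
      FILE* fp = stdin;
      int file_format = FORMAT_DER;
      word32 indent = 0;
      int pem_skip = 0;

      /* Reset options. */
      (void)wc_Asn1PrintOptions_Init(&opts);

      /* Skip over program name. */
      argc--;
      argv++;
      while (argc > 0) {
          /* Show branches instead of indenting. */
          if ((strcmp(argv[0], "-b") == 0) ||
                  (strcmp(argv[0], "--branch") == 0)) {
              wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_DRAW_BRANCH, 1);
          }
  #ifndef NO_CODING
          /* File is Base64 encoded data. The usage text documents -B; -b64 is
           * still accepted so existing invocations keep working. */
          else if ((strcmp(argv[0], "-B") == 0) ||
                  (strcmp(argv[0], "-b64") == 0) ||
                  (strcmp(argv[0], "--base64") == 0)) {
              file_format = FORMAT_BASE64;
          }
  #endif
          /* Dump all ASN.1 item data. */
          else if ((strcmp(argv[0], "-d") == 0) ||
                  (strcmp(argv[0], "--dump") == 0)) {
              wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_DATA, 1);
          }
          /* Dump ASN.1 item headers. */
          else if ((strcmp(argv[0], "-h") == 0) ||
                  (strcmp(argv[0], "--headers") == 0)) {
              wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_HEADER_DATA, 1);
          }
          /* Indent to text to indicate depth. */
          else if ((strcmp(argv[0], "-i") == 0) ||
                  (strcmp(argv[0], "--indent") == 0)) {
              /* NOTE(review): no upper limit is applied here; whether a large
               * count is accepted is left to wc_Asn1PrintOptions_Set() below,
               * whose return value is not checked - confirm intent. */
              indent++;
          }
          /* Only parse the specified length of DER/BER data. */
          else if ((strcmp(argv[0], "-l") == 0) ||
                  (strcmp(argv[0], "--length") == 0)) {
              word32 val = 0;

              if (argc == 1) {
                  fprintf(stderr, "Missing length value\n");
                  return 1;
              }
              argc--;
              argv++;
              if (asn1App_ParseNum(argv[0], &val) != 0) {
                  fprintf(stderr, "Invalid length value: %s\n", argv[0]);
                  return 1;
              }
              wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_LENGTH, val);
          }
          /* Do not show text representations of ASN.1 item data. */
          else if ((strcmp(argv[0], "-n") == 0) ||
                  (strcmp(argv[0], "--no-text") == 0)) {
              wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_NO_TEXT, 1);
          }
          /* Do not show hex dump text representations of ASN.1 item data. */
          else if ((strcmp(argv[0], "-N") == 0) ||
                  (strcmp(argv[0], "--no-dump-text") == 0)) {
              wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_NO_DUMP_TEXT, 1);
          }
          /* Offset into DER/BER to start decoding from. */
          else if ((strcmp(argv[0], "-o") == 0) ||
                  (strcmp(argv[0], "--offset") == 0)) {
              word32 val = 0;

              if (argc == 1) {
                  fprintf(stderr, "Missing offset value\n");
                  return 1;
              }
              argc--;
              argv++;
              if (asn1App_ParseNum(argv[0], &val) != 0) {
                  fprintf(stderr, "Invalid offset value: %s\n", argv[0]);
                  return 1;
              }
              wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_OFFSET, val);
          }
          /* Show wolfSSL OID value for all OBJECT_IDs. */
          else if ((strcmp(argv[0], "-O") == 0) ||
                  (strcmp(argv[0], "--oid") == 0)) {
              wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_OID, 1);
          }
  #ifndef NO_CODING
          /* File contains PEM blocks. */
          else if ((strcmp(argv[0], "-p") == 0) ||
                  (strcmp(argv[0], "--pem") == 0)) {
              file_format = FORMAT_PEM;
          }
  #endif
          /* Skip a number of PEM blocks. */
          else if ((strcmp(argv[0], "-s") == 0) ||
                  (strcmp(argv[0], "--skip-pem") == 0)) {
              word32 val = 0;

              if (argc == 1) {
                  fprintf(stderr, "Missing number of PEM blocks to skip\n");
                  return 1;
              }
              argc--;
              argv++;
              /* Must be a number from 0 to 15. */
              if ((asn1App_ParseNum(argv[0], &val) != 0) || (val > 15)) {
                  fprintf(stderr, "Skip value out of range: %s\n", argv[0]);
                  return 1;
              }
              pem_skip = (int)val;
          }
          /* Display help/usage. */
          else if ((strcmp(argv[0], "-?") == 0) ||
                  (strcmp(argv[0], "--help") == 0)) {
              Usage();
              return 0;
          }
          /* Unknown option detection. */
          else if (argv[0][0] == '-') {
              fprintf(stderr, "Bad option: %s\n", argv[0]);
              Usage();
              return 1;
          }
          else {
              if (fp != stdin) {
                  fprintf(stderr, "At most one input file can be supplied.\n");
                  return 1;
              }
              /* Name of file to read.
               * NOTE(review): opened in text mode although DER/BER is binary;
               * on platforms that translate text streams "rb" may be needed
               * for DER input - confirm against the Base64/PEM paths. */
              fp = fopen(argv[0], "r");
              if (fp == NULL) {
                  fprintf(stderr, "File not able to be read: %s\n", argv[0]);
                  return 1;
              }
          }

          /* Move on to next command line argument. */
          argc--;
          argv++;
      }

      wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_INDENT, indent);

      (void)wc_Asn1_Init(&asn1);
      (void)wc_Asn1_SetFile(&asn1, stdout);

      /* Process file based on type. */
      if (file_format == FORMAT_DER) {
          ret = PrintDer(fp);
      }
  #ifndef NO_CODING
      else if (file_format == FORMAT_BASE64) {
          ret = PrintBase64(fp);
      }
  #endif
  #ifndef NO_CODING
      else if (file_format == FORMAT_PEM) {
          ret = PrintPem(fp, pem_skip);
      }
  #endif

      if (ret != 0) {
          /* NOTE(review): the Print* helpers also return a plain 1 for their
           * own failures, which is passed to wc_GetErrorString() here too. */
          fprintf(stderr, "%s\n", wc_GetErrorString(ret));
      }

      if (fp != stdin) {
          fclose(fp);
      }

      return (ret == 0) ? 0 : 1;
  }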
  455. #else
  /* Main entry of ASN.1 printing program when ASN.1 printing or the file
   * system is not compiled in.
   *
   * Writes a notice to stderr and does nothing else.
   *
   * @param [in] argc  Count of command line arguments. Not used.
   * @param [in] argv  Command line arguments. Not used.
   * @return 0 always.
   */
  int main(int argc, char* argv[])
  {
      static const char notice[] =
          "ASN.1 Parsing and Printing or file system not compiled in.\n";

      (void)argc;
      (void)argv;

      fputs(notice, stderr);

      return 0;
  }
  471. #endif /* WOLFSSL_ASN_PRINT && !defined(NO_FILESYSTEM)*/