1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580358135823583358435853586358735883589359035913592359335943595359635973598359936003601360236033604360536063607360836093610361136123613361436153616361736183619362036213622362336243625362636273628362936303631363236333634363536363637363836393640364136423643364436453646364736483649365036513652365336543655365636573658365936603661366236633664366536663667366836693670367136723673367436753676367736783679368036813682368336843685368636873688368936903691369236933694369536963697369836993700370137023703370437053706370737083709371037113712371337143715371637173718371937203721372237233724372537263727372837293730373137323733373437353736373737383739374037413742374337443745374637473748374937503751375237533754375537563757375837593760376137623763376437653766376737683769377037713772377337743775377637773778377937803781378237833784378537863787378837893790379137923793379437953796379737983799380038013802380338043805380638073808380938103811381238133814381538163817381838193820382138223823382438253826382738283829383038313832383338343835383638373838383938403841384238433844384538463847384838493850385138523853385438553856385738583859386038613862386338643865386638673868386938703871387238733874387538763877387838793880388138823883388438853886388738883889389038913892389338943895389638973898389939003901390239033904390539063907390839093910391139123913391439153916391739183919392039213922392339243925392639273928392939303931393239333934393539363937393839393940394139423943394439453946394739483949395039513952395339543955395639573958395939603961396239633964396539663967396839693970397139723973397439753976397739783979398039813982398339843985398639873988398939903991399239933994399539963997399839994000400140024003400440054006400740084009401040114012401340144015401640174018401940204021402240234024402540264027402840294030403140324033403440354036403740384039404040414042404340444045404640474048404940504051405240534054405540564057405840594060406140624063406440654066406740684069407040714072407340744075407640774078407940804081408240834084408540864087408840894090409140924093409440954096409740984099410041014102410341044105410641074108410941104111411241134114411541164117411841194120412141224123412441254126412741284129413041314132413341344135413641374138413941404141414241434144414541464147414841494150415141524153415441554156415741584159416041614162416341644165416641674168416941704171417241734174417541764177417841794180418141824183418441854186418741884189419041914192419341944195419641974198419942004201420242034204420542064207420842094210421142124213421442154216421742184219422042214222422342244225422642274228422942304231423242334234423542364237423842394240424142424243424442454246424742484249425042514252425342544255425642574258425942604261426242634264426542664267426842694270427142724273427442754276427742784279428042814282428342844285428642874288428942904291429242934294429542964297429842994300430143024303430443054306430743084309431043114312431343144315431643174318431943204321432243234324432543264327432843294330433143324333433443354336433743384339434043414342434343444345434643474348434943504351435243534354435543564357435843594360436143624363436443654366436743684369437043714372437343744375437643774378437943804381438243834384438543864387438843894390439143924393439443954396439743984399440044014402440344044405440644074408440944104411441244134414441544164417441844194420442144224423442444254426442744284429443044314432443344344435443644374438443944404441444244434444444544464447444844494450445144524453445444554456445744584459446044614462446344644465446644674468446944704471447244734474447544764477447844794480448144824483448444854486448744884489449044914492449344944495449644974498449945004501450245034504450545064507450845094510451145124513451445154516451745184519452045214522452345244525452645274528452945304531453245334534453545364537453845394540454145424543454445454546454745484549455045514552455345544555455645574558455945604561456245634564456545664567456845694570457145724573457445754576457745784579458045814582458345844585458645874588458945904591459245934594459545964597459845994600460146024603460446054606460746084609461046114612461346144615461646174618461946204621462246234624462546264627462846294630463146324633463446354636463746384639464046414642464346444645464646474648464946504651465246534654465546564657465846594660466146624663466446654666466746684669467046714672467346744675467646774678467946804681468246834684468546864687468846894690469146924693469446954696469746984699470047014702470347044705470647074708470947104711471247134714471547164717471847194720472147224723472447254726 |
- /* ssl_asn1.c
- *
- * Copyright (C) 2006-2024 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
- #include <wolfssl/wolfcrypt/settings.h>
- #include <wolfssl/internal.h>
- #ifndef WC_NO_RNG
- #include <wolfssl/wolfcrypt/random.h>
- #endif
- #if !defined(WOLFSSL_SSL_ASN1_INCLUDED)
- #ifndef WOLFSSL_IGNORE_FILE_WARN
- #warning ssl_asn1.c does not need to be compiled separately from ssl.c
- #endif
- #else
- /*******************************************************************************
- * ASN1_item APIs
- ******************************************************************************/
- #ifndef NO_ASN
- #ifdef OPENSSL_EXTRA
- #ifdef OPENSSL_ALL
- /* Provides access to the member of the obj offset by offset */
- #define asn1Mem(obj, offset) (*(void**)(((byte*)(obj)) + (offset)))
- #define asn1Type(obj, offset) (*(int*)(((byte*)(obj)) + (offset)))
- static void* asn1_new_tpl(const WOLFSSL_ASN1_TEMPLATE *mem)
- {
- if (mem->sequence)
- return wolfSSL_sk_new_null();
- else
- return mem->new_func();
- }
- static void* asn1_item_alloc(const WOLFSSL_ASN1_ITEM* item)
- {
- void* ret = NULL;
- /* allocation */
- switch (item->type) {
- case WOLFSSL_ASN1_SEQUENCE:
- case WOLFSSL_ASN1_CHOICE:
- ret = (void *)XMALLOC(item->size, NULL, DYNAMIC_TYPE_OPENSSL);
- if (ret != NULL)
- XMEMSET(ret, 0, item->size);
- break;
- case WOLFSSL_ASN1_OBJECT_TYPE:
- if (item->mcount != 1 || item->members->offset) {
- WOLFSSL_MSG("incorrect member count or offset");
- return NULL;
- }
- ret = asn1_new_tpl(item->members);
- break;
- default:
- WOLFSSL_MSG("ASN1 type not implemented");
- return NULL;
- }
- return ret;
- }
- static int asn1_item_init(void* obj, const WOLFSSL_ASN1_ITEM* item)
- {
- const WOLFSSL_ASN1_TEMPLATE *mem = NULL;
- size_t i;
- int ret = 0;
- switch (item->type) {
- case WOLFSSL_ASN1_SEQUENCE:
- for (mem = item->members, i = 0; i < item->mcount; mem++, i++) {
- asn1Mem(obj, mem->offset) = asn1_new_tpl(mem);
- if (asn1Mem(obj, mem->offset) == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- break;
- }
- }
- break;
- case WOLFSSL_ASN1_OBJECT_TYPE:
- /* Initialized by new_func. Nothing to do. */
- break;
- case WOLFSSL_ASN1_CHOICE:
- asn1Type(obj, item->toffset) = -1;
- /* We don't know what to initialize. Nothing to do. */
- break;
- default:
- WOLFSSL_MSG("ASN1 type not implemented");
- ret = WOLFSSL_FATAL_ERROR;
- break;
- }
- return ret;
- }
- /* Create a new ASN1 item based on a template.
- *
- * @param [in] item Info about ASN1 items.
- * @return A new ASN1 item on success.
- * @return NULL when item is NULL, dynamic memory allocation fails or ASN1
- * item type not supported.
- */
- void* wolfSSL_ASN1_item_new(const WOLFSSL_ASN1_ITEM* item)
- {
- void* ret = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_item_new");
- if (item == NULL)
- return NULL;
- /* allocation */
- ret = asn1_item_alloc(item);
- if (ret == NULL)
- return NULL;
- /* initialization */
- if (asn1_item_init(ret, item) != 0) {
- wolfSSL_ASN1_item_free(ret, item);
- ret = NULL;
- }
- return ret;
- }
- static void asn1_free_tpl(void *obj, const WOLFSSL_ASN1_TEMPLATE *mem)
- {
- if (obj != NULL) {
- if (mem->sequence)
- wolfSSL_sk_pop_free((WOLFSSL_STACK *)obj, mem->free_func);
- else
- mem->free_func(obj);
- }
- }
- /* Dispose of ASN1 item based on a template.
- *
- * @param [in, out] val ASN item to free.
- * @param [in, item Info about ASN1 items.
- */
- void wolfSSL_ASN1_item_free(void *obj, const WOLFSSL_ASN1_ITEM *item)
- {
- const WOLFSSL_ASN1_TEMPLATE *mem = NULL;
- size_t i;
- WOLFSSL_ENTER("wolfSSL_ASN1_item_free");
- if (obj != NULL) {
- switch (item->type) {
- case WOLFSSL_ASN1_SEQUENCE:
- for (mem = item->members, i = 0; i < item->mcount; mem++, i++)
- asn1_free_tpl(asn1Mem(obj, mem->offset), mem);
- XFREE(obj, NULL, DYNAMIC_TYPE_OPENSSL);
- break;
- case WOLFSSL_ASN1_CHOICE:
- if (asn1Type(obj, item->toffset) < 0)
- break; /* type not set */
- for (mem = item->members, i = 0; i < item->mcount; mem++, i++) {
- if (asn1Type(obj, item->toffset) == mem->tag) {
- asn1_free_tpl(asn1Mem(obj, mem->offset), mem);
- break;
- }
- }
- XFREE(obj, NULL, DYNAMIC_TYPE_OPENSSL);
- break;
- case WOLFSSL_ASN1_OBJECT_TYPE:
- asn1_free_tpl(obj, item->members);
- break;
- default:
- WOLFSSL_MSG("ASN1 type not implemented");
- break;
- }
- }
- }
- static int i2d_asn1_items(const void* obj, byte** buf,
- const WOLFSSL_ASN1_TEMPLATE* mem)
- {
- int len = 0;
- int ret = 0;
- if (mem->sequence) {
- const WOLFSSL_STACK* sk = (WOLFSSL_STACK *)asn1Mem(obj, mem->offset);
- int ski; /* stack index */
- int innerLen = 0;
- /* Figure out the inner length first */
- for (ski = 0; ski < wolfSSL_sk_num(sk); ski++) {
- ret = mem->i2d_func(wolfSSL_sk_value(sk, ski), NULL);
- if (ret <= 0)
- break;
- innerLen += ret;
- }
- if (ret <= 0)
- return 0;
- if (buf != NULL && *buf != NULL) {
- /* Now write it out */
- int writeLen = 0;
- *buf += SetSequence((word32)innerLen, *buf);
- for (ski = 0; ski < wolfSSL_sk_num(sk); ski++) {
- ret = mem->i2d_func(wolfSSL_sk_value(sk, ski), buf);
- if (ret <= 0)
- break;
- writeLen += ret;
- }
- if (ret <= 0 || writeLen != innerLen)
- return 0;
- }
- len = (int)SetSequence((word32)innerLen, NULL) + innerLen;
- }
- else {
- ret = mem->i2d_func(asn1Mem(obj, mem->offset),
- buf != NULL && *buf != NULL ? buf : NULL);
- if (ret <= 0)
- return 0;
- len = ret;
- }
- return len;
- }
- /* Encode members of an ASN.1 SEQUENCE as DER.
- *
- * @param [in] src ASN1 items to encode.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @param [in] members ASN1 template members.
- * @param [in] mcount Count of template members.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- static int wolfssl_i2d_asn1_items(const void* obj, byte* buf,
- const WOLFSSL_ASN1_TEMPLATE* members, size_t mcount)
- {
- const WOLFSSL_ASN1_TEMPLATE* mem = NULL;
- int len = 0;
- int ret;
- size_t i;
- WOLFSSL_ENTER("wolfssl_i2d_asn1_items");
- for (mem = members, i = 0; i < mcount; mem++, i++) {
- byte* tmp = buf;
- if (mem->ex && mem->tag >= 0) {
- /* Figure out the inner length */
- int innerLen = 0;
- int hdrLen = 0;
- ret = i2d_asn1_items(obj, NULL, mem);
- if (ret <= 0) {
- len = 0;
- break;
- }
- innerLen = ret;
- hdrLen = SetExplicit((byte)mem->tag, (word32)innerLen, buf, 0);
- len += hdrLen;
- if (buf != NULL)
- buf += hdrLen;
- }
- ret = i2d_asn1_items(obj, &buf, mem);
- if (ret <= 0) {
- len = 0;
- break;
- }
- if (buf != NULL && tmp != NULL && !mem->ex && mem->tag >= 0) {
- /* Encode the implicit tag */
- byte imp[ASN_TAG_SZ + MAX_LENGTH_SZ];
- SetImplicit(tmp[0], mem->tag, 0, imp, 0);
- tmp[0] = imp[0];
- }
- len += ret;
- }
- WOLFSSL_LEAVE("wolfssl_i2d_asn1_items", len);
- return len;
- }
- /* Encode sequence and items under it.
- *
- * @param [in] src ASN1 items to encode.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @param [in] tpl Template of ASN1 items.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- static int i2d_ASN_SEQUENCE(const void* obj, byte* buf,
- const WOLFSSL_ASN1_ITEM* item)
- {
- word32 seq_len;
- word32 len = 0;
- seq_len = (word32)wolfssl_i2d_asn1_items(obj, NULL, item->members,
- item->mcount);
- if (seq_len != 0) {
- len = SetSequence(seq_len, buf);
- if (buf != NULL) {
- if (wolfssl_i2d_asn1_items(obj, buf + len, item->members,
- item->mcount) > 0)
- len += seq_len; /* success */
- else
- len = 0; /* error */
- }
- else
- len += seq_len;
- }
- return (int)len;
- }
- static int i2d_ASN_CHOICE(const void* obj, byte* buf,
- const WOLFSSL_ASN1_ITEM* item)
- {
- const WOLFSSL_ASN1_TEMPLATE* mem = NULL;
- size_t i;
- if (asn1Type(obj, item->toffset) < 0)
- return 0; /* type not set */
- for (mem = item->members, i = 0; i < item->mcount; mem++, i++) {
- if (asn1Type(obj, item->toffset) == mem->tag) {
- return wolfssl_i2d_asn1_items(obj, buf, mem, 1);
- }
- }
- return 0;
- }
- static int i2d_ASN_OBJECT_TYPE(const void* obj, byte* buf,
- const WOLFSSL_ASN1_ITEM* item)
- {
- /* To be able to use wolfssl_i2d_asn1_items without any modifications,
- * pass in a pointer to obj so that asn1Mem uses the correct pointer. */
- const void ** obj_pp = &obj;
- return wolfssl_i2d_asn1_items(obj_pp, buf, item->members, item->mcount);
- }
- /* Encode ASN1 template item.
- *
- * @param [in] src ASN1 items to encode.
- * @param [in, out] buf Buffer to encode into. May be NULL.
- * @param [in] tpl Template of ASN1 items.
- * @return Length of DER encoding on success.
- * @return 0 on failure.
- */
- static int wolfssl_asn1_item_encode(const void* obj, byte* buf,
- const WOLFSSL_ASN1_ITEM* item)
- {
- int len;
- switch (item->type) {
- case WOLFSSL_ASN1_SEQUENCE:
- len = i2d_ASN_SEQUENCE(obj, buf, item);
- break;
- case WOLFSSL_ASN1_OBJECT_TYPE:
- len = i2d_ASN_OBJECT_TYPE(obj, buf, item);
- break;
- case WOLFSSL_ASN1_CHOICE:
- len = i2d_ASN_CHOICE(obj, buf, item);
- break;
- default:
- WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_i2d");
- len = 0;
- }
- return len;
- }
- /* Encode ASN1 template.
- *
- * @param [in] src ASN1 items to encode.
- * @param [in, out] dest Pointer to buffer to encode into. May be NULL.
- * @param [in] tpl Template of ASN1 items.
- * @return Length of DER encoding on success.
- * @return WOLFSSL_FATAL_ERROR on failure.
- */
- int wolfSSL_ASN1_item_i2d(const void* obj, byte** dest,
- const WOLFSSL_ASN1_ITEM* item)
- {
- int ret = 1;
- int len = 0;
- byte* buf = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_item_i2d");
- /* Validate parameters. */
- if ((obj == NULL) || (item == NULL)) {
- ret = 0;
- }
- if ((ret == 1) && ((len = wolfssl_asn1_item_encode(obj, NULL, item)) == 0))
- ret = 0;
- if ((ret == 1) && (dest != NULL)) {
- if (*dest == NULL) {
- buf = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_ASN1);
- if (buf == NULL)
- ret = 0;
- }
- else
- buf = *dest;
- if (ret == 1) {
- len = wolfssl_asn1_item_encode(obj, buf, item);
- if (len <= 0)
- ret = 0;
- }
- if (ret == 1) {
- if (*dest == NULL)
- *dest = buf;
- else
- *dest += len;
- }
- }
- if (ret == 0) {
- if (*dest == NULL)
- XFREE(buf, NULL, DYNAMIC_TYPE_ASN1);
- len = WOLFSSL_FATAL_ERROR;
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_item_i2d", len);
- return len;
- }
- static void* d2i_obj(const WOLFSSL_ASN1_TEMPLATE* mem, const byte** src,
- long* len)
- {
- void* ret;
- const byte* tmp = *src;
- ret = mem->d2i_func(NULL, &tmp, *len);
- if (ret == NULL) {
- WOLFSSL_MSG("d2i error");
- return NULL;
- }
- if (tmp <= *src) {
- WOLFSSL_MSG("ptr not advanced");
- mem->free_func(ret); /* never a stack so we can call this directly */
- return NULL;
- }
- *len -= (long)(tmp - *src);
- *src = tmp;
- return ret;
- }
- static void* d2i_generic_obj(const WOLFSSL_ASN1_TEMPLATE* mem, const byte** src,
- long* len)
- {
- void* ret = NULL;
- if (mem->sequence) {
- long skl = 0;
- int slen = 0;
- WOLFSSL_STACK* sk = NULL;
- word32 idx = 0;
- const byte* tmp = *src;
- if (GetSequence(tmp, &idx, &slen, (word32)*len) < 0)
- goto error;
- skl = (long)slen;
- tmp += idx;
- ret = sk = wolfSSL_sk_new_null();
- while (skl > 0) {
- void* new_obj = d2i_obj(mem, &tmp, &skl);
- if (new_obj == NULL) {
- WOLFSSL_MSG("d2i_obj failed");
- goto error;
- }
- if (wolfSSL_sk_insert(sk, new_obj, -1) <= 0) {
- mem->free_func(new_obj);
- WOLFSSL_MSG("push failed");
- goto error;
- }
- }
- if (skl != 0) {
- WOLFSSL_MSG("l not zero after sequence");
- goto error;
- }
- *len -= (long)slen;
- *src = tmp;
- }
- else {
- ret = d2i_obj(mem, src, len);
- }
- return ret;
- error:
- asn1_free_tpl(ret, mem);
- return NULL;
- }
- static int d2i_handle_tags(const WOLFSSL_ASN1_TEMPLATE* mem, const byte** src,
- long* len, byte** impBuf, int* asnLen)
- {
- if (mem->tag >= 0) {
- byte tag = 0;
- word32 idx = 0;
- if (mem->ex) {
- if (GetASNTag(*src, &idx, &tag, (word32)*len) < 0 ||
- (byte)(ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | mem->tag)
- != tag ||
- GetLength(*src, &idx, asnLen, (word32)*len) < 0) {
- WOLFSSL_MSG("asn tag error");
- return WOLFSSL_FATAL_ERROR;
- }
- *len -= idx;
- *src += idx;
- }
- else {
- /* Underlying d2i functions won't be able to handle the implicit
- * tag so we substitute it for the expected tag. */
- if (mem->first_byte == 0) {
- WOLFSSL_MSG("first byte not set");
- return WOLFSSL_FATAL_ERROR;
- }
- if (GetASNTag(*src, &idx, &tag, (word32)*len) < 0 ||
- (byte)mem->tag != (tag & ASN_TYPE_MASK) ||
- GetLength(*src, &idx, asnLen, (word32)*len) < 0) {
- WOLFSSL_MSG("asn tag error");
- return WOLFSSL_FATAL_ERROR;
- }
- *asnLen += idx; /* total buffer length */
- *impBuf = (byte*)XMALLOC(*asnLen, NULL,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (*impBuf == NULL) {
- WOLFSSL_MSG("malloc error");
- return WOLFSSL_FATAL_ERROR;
- }
- XMEMCPY(*impBuf, *src, *asnLen);
- (*impBuf)[0] = mem->first_byte;
- }
- }
- return 0;
- }
- static void* d2i_generic(const WOLFSSL_ASN1_TEMPLATE* mem,
- const byte** src, long* len)
- {
- int asnLen = -1;
- const byte *tmp = NULL;
- void* ret = NULL;
- byte* impBuf = NULL;
- long l;
- if (*len <= 0) {
- WOLFSSL_MSG("buffer too short");
- return NULL;
- }
- if (d2i_handle_tags(mem, src, len, &impBuf, &asnLen) != 0) {
- WOLFSSL_MSG("tags error");
- goto error;
- }
- if (impBuf != NULL)
- tmp = impBuf;
- else
- tmp = *src;
- l = (long)(asnLen >= 0 ? asnLen : *len);
- ret = d2i_generic_obj(mem, &tmp, &l);
- if (l < 0) {
- WOLFSSL_MSG("ptr advanced too far");
- goto error;
- }
- if (impBuf != NULL) {
- tmp = *src + (tmp - impBuf); /* for the next calculation */
- XFREE(impBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- impBuf = NULL;
- }
- if (asnLen >= 0 && (int)(tmp - *src) != asnLen) {
- WOLFSSL_MSG("ptr not advanced enough");
- goto error;
- }
- *len -= (long)(tmp - *src);
- *src = tmp;
- return ret;
- error:
- asn1_free_tpl(ret, mem);
- if (impBuf != NULL)
- XFREE(impBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- return NULL;
- }
- static int d2i_ASN_SEQUENCE(void* obj, const byte **src, long len,
- const WOLFSSL_ASN1_ITEM* item)
- {
- const WOLFSSL_ASN1_TEMPLATE* mem = NULL;
- int err;
- word32 idx = 0;
- int slen = 0;
- size_t i;
- const byte* s = *src;
- err = GetSequence(s, &idx, &slen, (word32)len);
- if (err <= 0) {
- WOLFSSL_MSG("GetSequence error");
- return WOLFSSL_FATAL_ERROR;
- }
- s += idx;
- len -= idx;
- for (mem = item->members, i = 0; i < item->mcount; mem++, i++) {
- asn1Mem(obj, mem->offset) = d2i_generic(mem, &s, &len);
- if (asn1Mem(obj, mem->offset) == NULL) {
- WOLFSSL_MSG("d2i error");
- return WOLFSSL_FATAL_ERROR;
- }
- }
- *src = s;
- return 0;
- }
- static int d2i_ASN_CHOICE(void* obj, const byte **src, long len,
- const WOLFSSL_ASN1_ITEM* item)
- {
- const WOLFSSL_ASN1_TEMPLATE* mem = NULL;
- size_t i;
- for (mem = item->members, i = 0; i < item->mcount; mem++, i++) {
- asn1Mem(obj, mem->offset) = d2i_generic(mem, src, &len);
- if (asn1Mem(obj, mem->offset) != NULL) {
- asn1Type(obj, item->toffset) = mem->tag;
- return 0;
- }
- }
- WOLFSSL_MSG("der does not decode with any CHOICE");
- return WOLFSSL_FATAL_ERROR;
- }
- static void* d2i_ASN_OBJECT_TYPE(const byte **src, long len,
- const WOLFSSL_ASN1_ITEM* item)
- {
- return d2i_generic(item->members, src, &len);
- }
- void* wolfSSL_ASN1_item_d2i(void** dst, const byte **src, long len,
- const WOLFSSL_ASN1_ITEM* item)
- {
- void* obj = NULL;
- int err = 0;
- const byte *tmp;
- WOLFSSL_ENTER("wolfSSL_ASN1_item_d2i");
- if (src == NULL || *src == NULL || len <= 0 || item == NULL) {
- WOLFSSL_LEAVE("wolfSSL_ASN1_item_d2i", 0);
- return NULL;
- }
- tmp = *src;
- /* Create an empty object. */
- switch (item->type) {
- case WOLFSSL_ASN1_SEQUENCE:
- case WOLFSSL_ASN1_CHOICE:
- obj = asn1_item_alloc(item);
- if (obj == NULL)
- return NULL;
- break;
- case WOLFSSL_ASN1_OBJECT_TYPE:
- /* allocated later */
- break;
- default:
- WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_d2i");
- return NULL;
- }
- switch (item->type) {
- case WOLFSSL_ASN1_SEQUENCE:
- err = d2i_ASN_SEQUENCE(obj, &tmp, len, item);
- break;
- case WOLFSSL_ASN1_CHOICE:
- err = d2i_ASN_CHOICE(obj, &tmp, len, item);
- break;
- case WOLFSSL_ASN1_OBJECT_TYPE:
- obj = d2i_ASN_OBJECT_TYPE(&tmp, len, item);
- if (obj == NULL)
- err = WOLFSSL_FATAL_ERROR;
- break;
- default:
- WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_d2i");
- err = WOLFSSL_FATAL_ERROR;
- break;
- }
- if (err == 0)
- *src = tmp;
- else {
- wolfSSL_ASN1_item_free(obj, item);
- obj = NULL;
- }
- if (dst != NULL && obj != NULL) {
- if (*dst != NULL)
- wolfSSL_ASN1_item_free(*dst, item);
- *dst = obj;
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_item_d2i", obj != NULL);
- return obj;
- }
- #endif /* OPENSSL_ALL */
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_BIT_STRING APIs
- ******************************************************************************/
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /* Create a new ASN.1 BIT_STRING object.
- *
- * @return ASN.1 BIT_STRING object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_BIT_STRING* wolfSSL_ASN1_BIT_STRING_new(void)
- {
- WOLFSSL_ASN1_BIT_STRING* bitStr;
- bitStr = (WOLFSSL_ASN1_BIT_STRING*)XMALLOC(sizeof(WOLFSSL_ASN1_BIT_STRING),
- NULL, DYNAMIC_TYPE_OPENSSL);
- if (bitStr) {
- XMEMSET(bitStr, 0, sizeof(WOLFSSL_ASN1_BIT_STRING));
- }
- return bitStr;
- }
- /* Dispose of ASN.1 BIT_STRING object.
- *
- * Do not use bitStr after calling this function.
- *
- * @param [in, out] bitStr ASN.1 BIT_STRING to free. May be NULL.
- */
- void wolfSSL_ASN1_BIT_STRING_free(WOLFSSL_ASN1_BIT_STRING* bitStr)
- {
- if (bitStr != NULL) {
- /* Dispose of any data allocated in BIT_STRING. */
- XFREE(bitStr->data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Dispose of the ASN.1 BIT_STRING object. */
- XFREE(bitStr, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Get the value of the bit from the ASN.1 BIT_STRING at specified index.
- *
- * A NULL object a value of 0 for the bit at all indices.
- * A negative index has a value of 0 for the bit.
- *
- * @param [in] bitStr ASN.1 BIT_STRING object.
- * @param [in] i Index of bit.
- * @return Value of bit.
- */
- int wolfSSL_ASN1_BIT_STRING_get_bit(const WOLFSSL_ASN1_BIT_STRING* bitStr,
- int i)
- {
- int bit = 0;
- /* Check for data and whether index is in range. */
- if ((bitStr != NULL) && (bitStr->data != NULL) && (i >= 0) &&
- (bitStr->length > (i / 8))) {
- bit = (bitStr->data[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
- }
- return bit;
- }
- /* Grow data to require length.
- *
- * @param [in] bitStr ASN.1 BIT_STRING object.
- * @param [in] len Length, in bytes, of data required.
- * @return 1 on success.
- * @return 0 when dynamic memory allocation fails.
- */
- static int wolfssl_asn1_bit_string_grow(WOLFSSL_ASN1_BIT_STRING* bitStr,
- int len)
- {
- int ret = 1;
- byte* tmp;
- /* Realloc to length required. */
- tmp = (byte*)XREALLOC(bitStr->data, (size_t)len, NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (tmp == NULL) {
- ret = 0;
- }
- else {
- /* Clear out new, top bytes. */
- if (len > bitStr->length)
- XMEMSET(tmp + bitStr->length, 0, (size_t)(len - bitStr->length));
- bitStr->data = tmp;
- bitStr->length = len;
- }
- return ret;
- }
- /* Set the value of a bit in the ASN.1 BIT_STRING at specified index.
- *
- * @param [in] bitStr ASN.1 BIT_STRING object.
- * @param [in] idx Index of bit to set.
- * @param [in] val Value of bit to set. Valid values: 0 or 1.
- * @return 1 on success.
- * @return 0 when bitStr is NULL, idx is negative, val is not 0 or 1, or
- * dynamic memory allocation fails.
- */
- int wolfSSL_ASN1_BIT_STRING_set_bit(WOLFSSL_ASN1_BIT_STRING* bitStr, int idx,
- int val)
- {
- int ret = 1;
- int i = 0;
- /* Validate parameters. */
- if ((bitStr == NULL) || (idx < 0) || ((val != 0) && (val != 1))) {
- ret = 0;
- }
- if (ret == 1) {
- i = idx / 8;
- /* Check if we need to extend data range. */
- if ((i >= bitStr->length) && (val != 0)) {
- /* Realloc data to handle having bit set at index. */
- ret = wolfssl_asn1_bit_string_grow(bitStr, i + 1);
- }
- }
- if ((ret == 1) && (i < bitStr->length)) {
- /* Bit on at index. */
- byte bit = 1 << (7 - (idx % 8));
- /* Clear bit and set to value. */
- bitStr->data[i] &= ~bit;
- bitStr->data[i] |= bit & (byte)(0 - val);
- }
- return ret;
- }
- /* Serialize object to DER encoding
- *
- * @param bstr Object to serialize
- * @param pp Output
- * @return Length on success
- * Negative number on failure
- */
- int wolfSSL_i2d_ASN1_BIT_STRING(const WOLFSSL_ASN1_BIT_STRING* bstr,
- unsigned char** pp)
- {
- int len;
- unsigned char* buf;
- if (bstr == NULL || (bstr->data == NULL && bstr->length != 0))
- return WOLFSSL_FATAL_ERROR;
- len = (int)SetBitString((word32)bstr->length, 0, NULL) + bstr->length;
- if (pp != NULL) {
- word32 idx;
- if (*pp != NULL)
- buf = *pp;
- else {
- buf = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_ASN1);
- if (buf == NULL)
- return WOLFSSL_FATAL_ERROR;
- }
- idx = SetBitString((word32)bstr->length, 0, buf);
- if (bstr->length > 0)
- XMEMCPY(buf + idx, bstr->data, (size_t)bstr->length);
- if (*pp != NULL)
- *pp += len;
- else
- *pp = buf;
- }
- return len;
- }
- WOLFSSL_ASN1_BIT_STRING* wolfSSL_d2i_ASN1_BIT_STRING(
- WOLFSSL_ASN1_BIT_STRING** out, const byte** src, long len)
- {
- WOLFSSL_ASN1_BIT_STRING* ret = NULL;
- #ifdef WOLFSSL_ASN_TEMPLATE
- word32 idx = 0;
- byte tag = 0;
- int length = 0;
- WOLFSSL_ENTER("wolfSSL_d2i_ASN1_BIT_STRING");
- if (src == NULL || *src == NULL || len == 0)
- return NULL;
- if (GetASNTag(*src, &idx, &tag, (word32)len) < 0)
- return NULL;
- if (tag != ASN_BIT_STRING)
- return NULL;
- if (GetLength(*src, &idx, &length, (word32)len) < 0)
- return NULL;
- if (GetASN_BitString(*src, idx, length) != 0)
- return NULL;
- idx++; /* step over unused bits */
- length--;
- ret = wolfSSL_ASN1_BIT_STRING_new();
- if (ret == NULL)
- return NULL;
- if (wolfssl_asn1_bit_string_grow(ret, length) != 1) {
- wolfSSL_ASN1_BIT_STRING_free(ret);
- return NULL;
- }
- XMEMCPY(ret->data, *src + idx, length);
- *src += idx + (word32)length;
- if (out != NULL) {
- if (*out != NULL)
- wolfSSL_ASN1_BIT_STRING_free(*out);
- *out = ret;
- }
- #else
- WOLFSSL_MSG("d2i_ASN1_BIT_STRING needs --enable-asn=template");
- (void)out;
- (void)src;
- (void)len;
- #endif
- return ret;
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- /*******************************************************************************
- * ASN1_INTEGER APIs
- ******************************************************************************/
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /* Create a new empty ASN.1 INTEGER object.
- *
- * @return ASN.1 INTEGER object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_new(void)
- {
- WOLFSSL_ASN1_INTEGER* a;
- /* Allocate a new ASN.1 INTEGER object. */
- a = (WOLFSSL_ASN1_INTEGER*)XMALLOC(sizeof(WOLFSSL_ASN1_INTEGER), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (a != NULL) {
- XMEMSET(a, 0, sizeof(WOLFSSL_ASN1_INTEGER));
- /* Use fixed buffer field for data. */
- a->data = a->intData;
- a->isDynamic = 0;
- /* Maximum supported by fixed buffer. */
- a->dataMax = WOLFSSL_ASN1_INTEGER_MAX;
- /* No value set - no data. */
- a->length = 0;
- }
- return a;
- }
- /* Free the ASN.1 INTEGER object and any dynamically allocated data.
- *
- * @param [in, out] in ASN.1 INTEGER object.
- */
- void wolfSSL_ASN1_INTEGER_free(WOLFSSL_ASN1_INTEGER* in)
- {
- if ((in != NULL) && (in->isDynamic)) {
- /* Dispose of any data allocated in INTEGER. */
- XFREE(in->data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Dispose of the ASN.1 INTEGER object. */
- XFREE(in, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- #if defined(OPENSSL_EXTRA)
- /* Reset the data of ASN.1 INTEGER object back to empty fixed array.
- *
- * @param [in] a ASN.1 INTEGER object.
- */
- static void wolfssl_asn1_integer_reset_data(WOLFSSL_ASN1_INTEGER* a)
- {
- /* Don't use dynamic buffer anymore. */
- if (a->isDynamic) {
- /* Cache pointer to allocated data. */
- unsigned char* data = a->data;
- /* No longer dynamic. */
- a->isDynamic = 0;
- /* Point data at fixed array. */
- a->data = a->intData;
- /* Set maximum length to fixed array size. */
- a->dataMax = (unsigned int)sizeof(a->intData);
- /* Dispose of dynamically allocated data. */
- XFREE(data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Clear out data from fixed array. */
- XMEMSET(a->intData, 0, sizeof(a->intData));
- /* No data, no length. */
- a->length = 0;
- /* No data, not negative. */
- a->negative = 0;
- /* Set type to positive INTEGER. */
- a->type = WOLFSSL_V_ASN1_INTEGER;
- }
- #endif /* OPENSSL_EXTRA */
- /* Setup ASN.1 INTEGER object to handle data of required length.
- *
- * @param [in, out] a ASN.1 INTEGER object.
- * @param [in] len Required length in bytes.
- * @return 1 on success.
- * @return 0 on dynamic memory allocation failure.
- */
- static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len,
- int keepOldData)
- {
- int ret = 1;
- byte* data;
- byte* oldData = a->intData;
- int oldLen = a->length;
- if (a->isDynamic && (len > (int)a->dataMax)) {
- oldData = a->data;
- a->isDynamic = 0;
- a->data = a->intData;
- a->dataMax = (unsigned int)sizeof(a->intData);
- }
- a->length = 0;
- if ((!a->isDynamic) && (len > (int)a->dataMax)) {
- /* Create a new buffer to hold large integer value. */
- data = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_OPENSSL);
- if (data == NULL) {
- ret = 0;
- }
- else {
- /* Indicate data is dynamic and copy data over. */
- a->isDynamic = 1;
- a->data = data;
- a->dataMax = (word32)len;
- }
- }
- if (keepOldData) {
- if (oldData != a->data) {
- /* Copy old data into new buffer. */
- XMEMCPY(a->data, oldData, (size_t)oldLen);
- }
- /* Restore old length. */
- a->length = oldLen;
- }
- if (oldData != a->intData) {
- /* Dispose of the old dynamic data. */
- XFREE(oldData, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- return ret;
- }
- /* Duplicate the ASN.1 INTEGER object into a newly allocated one.
- *
- * @param [in] src ASN.1 INTEGER object to copy.
- * @return ASN.1 INTEGER object on success.
- * @return NULL when src is NULL or dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_dup(const WOLFSSL_ASN1_INTEGER* src)
- {
- WOLFSSL_ASN1_INTEGER* dup = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_dup");
- /* Check for object to duplicate. */
- if (src != NULL) {
- /* Create a new ASN.1 INTEGER object to be copied into. */
- dup = wolfSSL_ASN1_INTEGER_new();
- }
- /* Check for object to copy into. */
- if (dup != NULL) {
- /* Copy simple fields. */
- dup->length = src->length;
- dup->negative = src->negative;
- dup->type = src->type;
- if (!src->isDynamic) {
- /* Copy over data from/to fixed buffer. */
- XMEMCPY(dup->intData, src->intData, WOLFSSL_ASN1_INTEGER_MAX);
- }
- else if (wolfssl_asn1_integer_require_len(dup, src->length, 0) == 0) {
- wolfSSL_ASN1_INTEGER_free(dup);
- dup = NULL;
- }
- else {
- XMEMCPY(dup->data, src->data, (size_t)src->length);
- }
- }
- return dup;
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- #if defined(OPENSSL_EXTRA)
- /* Compare values in two ASN.1 INTEGER objects.
- *
- * @param [in] a First ASN.1 INTEGER object.
- * @param [in] b Second ASN.1 INTEGER object.
- * @return Negative value when a is less than b.
- * @return 0 when a equals b.
- * @return Positive value when a is greater than b.
- * @return WOLFSSL_FATAL_ERROR when a or b is NULL.
- */
- int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
- const WOLFSSL_ASN1_INTEGER* b)
- {
- int ret = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_cmp");
- /* Validate parameters. */
- if ((a == NULL) || (b == NULL)) {
- WOLFSSL_MSG("Bad parameter.");
- ret = WOLFSSL_FATAL_ERROR;
- }
- /* Negative value < Positive value */
- else if (a->negative && !b->negative) {
- ret = -2; /* avoid collision with WOLFSSL_FATAL_ERROR */
- }
- /* Positive value > Negative value */
- else if (!a->negative && b->negative) {
- ret = 1;
- }
- else {
- /* Check for difference in length. */
- if (a->length != b->length) {
- ret = a->length - b->length;
- }
- else {
- /* Compare data given they are the same length. */
- ret = XMEMCMP(a->data, b->data, (size_t)a->length);
- }
- /* Reverse comparison result when both negative. */
- if (a->negative) {
- ret = -ret;
- }
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_INTEGER_cmp", ret);
- return ret;
- }
- /* Calculate 2's complement of DER encoding.
- *
- * @param [in] data Array that is number.
- * @param [in] length Number of bytes in array.
- * @return 0 on success.
- * @return -1 when get length from DER header failed.
- */
- static void wolfssl_twos_compl(byte* data, int length)
- {
- int i;
- /* Invert bits - 1's complement. */
- for (i = 0; i < length; ++i) {
- data[i] = ~data[i];
- }
- /* 2's complement - add 1. */
- for (i = length - 1; (++data[i]) == 0; --i) {
- /* Do nothing. */
- }
- }
- /* Calculate 2's complement of DER encoding.
- *
- * @param [in|out] data Array that is number.
- * @param [in] length Number of bytes in array.
- * @param [out] neg When NULL, 2's complement data.
- * When not NULL, check for negative first and return.
- * @return 0 on success.
- * @return -1 when get length from DER header failed.
- */
- static int wolfssl_asn1_int_twos_compl(byte* data, int length, byte* neg)
- {
- int ret = 0;
- word32 idx = 1; /* Skip tag. */
- int len;
- /* Get length from DER header. */
- if (GetLength(data, &idx, &len, (word32)length) < 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- if (neg != NULL) {
- *neg = data[idx] & 0x80;
- }
- if ((neg == NULL) || (*neg != 0)) {
- wolfssl_twos_compl(data + idx, length - (int)idx);
- }
- }
- return ret;
- }
- /* Encode ASN.1 INTEGER as DER without tag.
- *
- * When out points to NULL, a new buffer is allocated and returned.
- *
- * @param [in] a ASN.1 INTEGER object.
- * @param [in, out] out Pointer to buffer to hold encoding. May point to NULL.
- * @return Length of encoding on success.
- * @return -1 when a is NULL or no data, out is NULL, dynamic memory allocation
- * fails or encoding length fails.
- */
- int wolfSSL_i2d_ASN1_INTEGER(const WOLFSSL_ASN1_INTEGER* a, unsigned char** pp)
- {
- WOLFSSL_ENTER("wolfSSL_i2d_ASN1_INTEGER");
- /* Validate parameters. */
- if (a == NULL || a->data == NULL || a->length <= 0) {
- WOLFSSL_MSG("Bad parameter.");
- return WOLFSSL_FATAL_ERROR;
- }
- if (pp != NULL) {
- byte* buf;
- if (*pp != NULL)
- buf = *pp;
- else {
- buf = (byte*)XMALLOC((size_t)a->length, NULL, DYNAMIC_TYPE_ASN1);
- if (buf == NULL)
- return WOLFSSL_FATAL_ERROR;
- }
- /* Copy the data (including tag and length) into output buffer. */
- XMEMCPY(buf, a->data, (size_t)a->length);
- /* Only magnitude of the number stored (i.e. the sign isn't encoded).
- * The "negative" field is 1 if the value must be interpreted as
- * negative and we need to output the 2's complement of the value in
- * the DER output.
- */
- if (a->negative &&
- wolfssl_asn1_int_twos_compl(buf, a->length, NULL) != 0) {
- if (*pp == NULL)
- XFREE(buf, NULL, DYNAMIC_TYPE_ASN1);
- return WOLFSSL_FATAL_ERROR;
- }
- if (*pp != NULL)
- *pp += a->length;
- else
- *pp = buf;
- }
- return a->length;
- }
- /* Decode DER encoding of ASN.1 INTEGER.
- *
- * @param [out] a ASN.1 INTEGER object. May be NULL.
- * @param [in, out] in Pointer to buffer containing DER encoding.
- * @param [in] inSz Length of data in buffer.
- * @return ASN.1 INTEGER object on success.
- * @return NULL when in or *in is NULL, inSz is less than or equal to 2 or
- * parsing DER failed.
- */
- WOLFSSL_ASN1_INTEGER* wolfSSL_d2i_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER** a,
- const unsigned char** in, long inSz)
- {
- WOLFSSL_ASN1_INTEGER* ret = NULL;
- int err = 0;
- word32 idx = 1;
- int len = 0;
- WOLFSSL_ENTER("wolfSSL_d2i_ASN1_INTEGER");
- /* Validate parameters. */
- if ((in == NULL) || (*in == NULL) || (inSz <= 2)) {
- WOLFSSL_MSG("Bad parameter");
- err = 1;
- }
- /* Check that the tag is correct. */
- if ((!err) && (*in)[0] != ASN_INTEGER) {
- WOLFSSL_MSG("Tag doesn't indicate integer type.");
- err = 1;
- }
- /* Check that length and use this instead of inSz. */
- if ((!err) && (GetLength(*in, &idx, &len, (word32)inSz) <= 0)) {
- WOLFSSL_MSG("ASN.1 length not valid.");
- err = 1;
- }
- /* Allocate a new ASN.1 INTEGER object. */
- if ((!err) && ((ret = wolfSSL_ASN1_INTEGER_new()) == NULL)) {
- err = 1;
- }
- if ((!err) && (wolfssl_asn1_integer_require_len(ret, (int)idx + len, 0) !=
- 1)) {
- err = 1;
- }
- if (!err) {
- /* Set type. */
- ret->type = WOLFSSL_V_ASN1_INTEGER;
- /* Copy DER encoding and length. */
- XMEMCPY(ret->data, *in, (size_t)(idx + (word32)len));
- ret->length = (int)idx + len;
- /* Do 2's complement if number is negative. */
- if (wolfssl_asn1_int_twos_compl(ret->data, ret->length, &ret->negative)
- != 0) {
- err = 1;
- }
- }
- if ((!err) && ret->negative) {
- /* Update type if number was negative. */
- ret->type |= WOLFSSL_V_ASN1_NEG_INTEGER;
- }
- if (err) {
- /* Dispose of dynamically allocated data on error. */
- wolfSSL_ASN1_INTEGER_free(ret);
- ret = NULL;
- }
- else {
- if (a != NULL) {
- /* Return ASN.1 INTEGER through a. */
- *a = ret;
- }
- *in += ret->length;
- }
- return ret;
- }
- #ifndef NO_BIO
- /* Get length of leading hexadecimal characters.
- *
- * Looks for continuation character before carriage returns and line feeds.
- *
- * @param [in] str String with input.
- * @param [in] len Length of string.
- * @param [out] cont Line continuation character at end of line before
- * carriage returns and line feeds.
- * @return Number of leading hexadecimal characters in string.
- */
- static int wolfssl_a2i_asn1_integer_clear_to_eol(char* str, int len, int* cont)
- {
- byte num;
- word32 nLen;
- int i;
- /* Strip off trailing carriage returns and line feeds. */
- while ((len > 0) && ((str[len - 1] == '\n') || (str[len - 1] == '\r'))) {
- len--;
- }
- /* Check for line continuation character. */
- if ((len > 0) && (str[len - 1] == '\\')) {
- *cont = 1;
- len--;
- }
- else {
- *cont = 0;
- }
- /* Find end of hexadecimal characters. */
- nLen = 1;
- for (i = 0; i < len; i++) {
- /* Check if character is a hexadecimal character. */
- if (Base16_Decode((const byte*)str + i, 1, &num, &nLen) ==
- WC_NO_ERR_TRACE(ASN_INPUT_E))
- {
- /* Found end of hexadecimal characters, return count. */
- len = i;
- break;
- }
- }
- return len;
- }
- /* Read number from BIO as a string.
- *
- * Line continuation character at end of line means next line must be read.
- *
- * @param [in] bio BIO to read from.
- * @param [in] asn1 ASN.1 INTEGER object to put number into.
- * @param [in, out] buf Buffer to use when reading.
- * @param [in] size Length of buffer in bytes.
- * @return 1 on success.
- * @return 0 on failure.
- */
- int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
- char *buf, int size)
- {
- int ret = 1;
- int readNextLine = 1;
- int len;
- word32 outLen = 0;
- const int hdrSz = 1 + MAX_LENGTH_SZ;
- WOLFSSL_ENTER("wolfSSL_a2i_ASN1_INTEGER");
- if ((bio == NULL) || (asn1 == NULL) || (buf == NULL) || (size <= 0)) {
- WOLFSSL_MSG("Bad parameter");
- ret = 0;
- }
- while ((ret == 1) && readNextLine) {
- int lineLen;
- /* Assume we won't be reading any more. */
- readNextLine = 0;
- /* Read a line. */
- lineLen = wolfSSL_BIO_gets(bio, buf, size);
- if (lineLen <= 0) {
- WOLFSSL_MSG("wolfSSL_BIO_gets error");
- ret = 0;
- }
- if (ret == 1) {
- /* Find length of hexadecimal digits in string. */
- lineLen = wolfssl_a2i_asn1_integer_clear_to_eol(buf, lineLen,
- &readNextLine);
- /* Check we have a valid hexadecimal string to process. */
- if ((lineLen == 0) || ((lineLen % 2) != 0)) {
- WOLFSSL_MSG("Invalid line length");
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Calculate length of complete number so far. */
- len = asn1->length + (lineLen / 2);
- /* Make sure enough space for number and maximum header. */
- if (wolfssl_asn1_integer_require_len(asn1, len + hdrSz, outLen != 0)
- != 1) {
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Decode string and append to data. */
- outLen = (word32)(lineLen / 2);
- (void)Base16_Decode((byte*)buf, (word32)lineLen,
- asn1->data + asn1->length, &outLen);
- /* Update length of data. */
- asn1->length += (int)outLen;
- }
- }
- if (ret == 1) {
- int idx;
- /* Get ASN.1 header length. */
- idx = SetASNInt(asn1->length, asn1->data[0], NULL);
- /* Move data to be after ASN.1 header. */
- XMEMMOVE(asn1->data + idx, asn1->data, (size_t)asn1->length);
- /* Encode ASN.1 header. */
- SetASNInt(asn1->length, asn1->data[idx], asn1->data);
- /* Update length of data. */
- asn1->length += idx;
- }
- return ret;
- }
- /* Write out number in ASN.1 INTEGER object to BIO as string.
- *
- * @param [in] bp BIO to write to.
- * @param [in] a ASN.1 INTEGER object.
- * @return Number of characters written on success.
- * @return 0 when bp or a is NULL.
- * @return 0 DER header in data is invalid.
- */
- int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
- {
- int err = 0;
- word32 idx = 1; /* Skip ASN.1 INTEGER tag byte. */
- int len = 0;
- byte buf[WOLFSSL_ASN1_INTEGER_MAX * 2 + 1];
- word32 bufLen;
- WOLFSSL_ENTER("wolfSSL_i2a_ASN1_INTEGER");
- /* Validate parameters. */
- if ((bp == NULL) || (a == NULL)) {
- err = 1;
- }
- if (!err) {
- /* Read DER length - must be at least 1 byte. */
- if (GetLength(a->data, &idx, &len, (word32)a->length) <= 0) {
- err = 1;
- }
- }
- /* Keep encoding and writing while no error and bytes in data. */
- while ((!err) && (idx < (word32)a->length)) {
- /* Number of bytes left to encode. */
- int encLen = a->length - (int)idx;
- /* Reduce to maximum buffer size if necessary. */
- if (encLen > (int)sizeof(buf) / 2) {
- encLen = (int)sizeof(buf) / 2;
- }
- /* Encode bytes from data into buffer. */
- bufLen = (int)sizeof(buf);
- (void)Base16_Encode(a->data + idx, (word32)encLen, buf, &bufLen);
- /* Update index to next bytes to encoded. */
- idx += (word32)encLen;
- /* Write out characters but not NUL char. */
- if (wolfSSL_BIO_write(bp, buf, (int)bufLen - 1) != (int)(bufLen - 1)) {
- err = 1;
- }
- }
- if (err) {
- /* Return 0 on error. */
- len = 0;
- }
- /* Return total number of characters written. */
- return len * 2;
- }
- #endif /* !NO_BIO */
- #ifndef NO_ASN
- /* Determine if a pad byte is required and its value for a number.
- *
- * Assumes values pointed to by pad and padVal are both 0.
- *
- * @param [in] data Number encoded as big-endian bytes.
- * @param [in] len Length of number in bytes.
- * @param [in, out] neg Indicates number is negative.
- * @param [out] pad Number of padding bytes required.
- * @param [out] padVal Padding byte to prepend.
- */
- static void wolfssl_asn1_integer_pad(unsigned char* data, int len,
- unsigned char* neg, char* pad, unsigned char* padVal)
- {
- /* Check for empty data. */
- if (len == 0) {
- *pad = 1;
- *padVal = 0x00;
- *neg = 0;
- }
- else {
- /* Get first, most significant, byte of encoded number. */
- unsigned char firstByte = data[0];
- /* 0 can't be negative. */
- if ((len == 1) && (firstByte == 0x00)) {
- *neg = 0;
- }
- /* Positive value must not have top bit of first byte set. */
- if ((!*neg) && (firstByte >= 0x80)) {
- *pad = 1;
- *padVal = 0x00;
- }
- /* Negative numbers are two's complemented.
- * Two's complement value must have top bit set.
- */
- else if (*neg && (firstByte > 0x80)) {
- *pad = 1;
- *padVal = 0xff;
- }
- /* Checking for: 0x80[00]*
- * when negative that when two's complemented will be: 0x80[00]*
- * and therefore doesn't require pad byte.
- */
- else if (*neg && (firstByte == 0x80)) {
- int i;
- /* Check rest of bytes. */
- for (i = 1; i < len; i++) {
- if (data[i] != 0x00) {
- /* Not 0x80[00]* */
- *pad = 1;
- *padVal = 0xff;
- break;
- }
- }
- }
- }
- }
- /* Convert ASN.1 INTEGER object into content octets.
- *
- * TODO: compatibility with OpenSSL? OpenSSL assumes data not DER encoded.
- *
- * When pp points to a buffer, on success pp will point to after the encoded
- * data.
- *
- * @param [in] a ASN.1 INTEGER object.
- * @param [in, out] pp Pointer to buffer. May be NULL. Cannot point to NULL.
- * @return Length of encoding on success.
- * @return 0 when a is NULL, pp points to NULL or DER length encoding invalid.
- */
- int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp)
- {
- int err = 0;
- int len = 0;
- char pad = 0;
- unsigned char padVal = 0;
- word32 idx = 1;
- WOLFSSL_ENTER("wolfSSL_i2c_ASN1_INTEGER");
- /* Validate parameters. */
- if ((a == NULL) || ((pp != NULL) && (*pp == NULL))) {
- err = 1;
- }
- /* Get length from DER encoding. */
- if ((!err) && (GetLength_ex(a->data, &idx, &len, a->dataMax, 0) < 0)) {
- err = 1;
- }
- if (!err) {
- /* Determine pad length and value. */
- wolfssl_asn1_integer_pad(a->data + idx, len, &a->negative, &pad,
- &padVal);
- /* Total encoded length is number length plus one when padding. */
- len += (int)pad;
- }
- /* Check buffer supplied to write into. */
- if ((!err) && (pp != NULL)) {
- /* Put in any pad byte. */
- if (pad) {
- (*pp)[0] = padVal;
- }
- /* Copy remaining bytes into output buffer. */
- XMEMCPY(*pp + pad, a->data + idx, (size_t)(len - pad));
- /* Two's complement copied bytes when negative. */
- if (a->negative) {
- wolfssl_twos_compl(*pp + pad, len - pad);
- }
- /* Move pointer past encoded data. */
- *pp += len;
- }
- return len;
- }
- /* Make a big number with the value in the ASN.1 INTEGER object.
- *
- * A new big number object is allocated when bn is NULL.
- *
- * @param [in] ai ASN.1 INTEGER object.
- * @param [in] bn Big number object. May be NULL.
- * @return Big number object on success.
- * @return NULL when ai is NULL or converting from binary fails.
- */
- WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
- WOLFSSL_BIGNUM *bn)
- {
- int err = 0;
- word32 idx = 1;
- int len = 0;
- WOLFSSL_BIGNUM* ret = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_to_BN");
- /* Validate parameters. */
- if (ai == NULL) {
- err = 1;
- }
- if (!err) {
- /* Get the length of ASN.1 INTEGER number. */
- if ((ai->data[0] != ASN_INTEGER) || (GetLength(ai->data, &idx, &len,
- (word32)ai->length) <= 0)) {
- #if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY)
- idx = 0;
- len = ai->length;
- #else
- WOLFSSL_MSG("Data in WOLFSSL_ASN1_INTEGER not DER encoded");
- err = 1;
- #endif
- }
- }
- if (!err) {
- /* Convert binary to big number. */
- ret = wolfSSL_BN_bin2bn(ai->data + idx, len, bn);
- if (ret != NULL) {
- /* Handle negative. */
- (void)wolfssl_bn_set_neg(ret, ai->negative);
- }
- }
- return ret;
- }
- #endif /* !NO_ASN */
- /* Create an ASN.1 INTEGER object from big number.
- *
- * Allocates a new ASN.1 INTEGER object when ai is NULL.
- *
- * @param [in] bn Big number to encode.
- * @param [in] ai ASN.1 INTEGER object. May be NULL.
- * @return ASN.1 INTEGER object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_INTEGER* wolfSSL_BN_to_ASN1_INTEGER(const WOLFSSL_BIGNUM *bn,
- WOLFSSL_ASN1_INTEGER *ai)
- {
- int err = 0;
- WOLFSSL_ASN1_INTEGER* a = NULL;
- int len = 0;
- int numBits = 0;
- byte firstByte = 0;
- WOLFSSL_ENTER("wolfSSL_BN_to_ASN1_INTEGER");
- /* Validate parameters. */
- if (bn == NULL) {
- err = 1;
- }
- /* Use ASN.1 INTEGER object if provided. */
- else if (ai != NULL) {
- a = ai;
- }
- /* Create an ASN.1 INTEGER object to return. */
- else {
- a = wolfSSL_ASN1_INTEGER_new();
- if (a == NULL) {
- err = 1;
- }
- }
- /* Check we have an ASN.1 INTEGER object to set. */
- if (!err) {
- int length;
- /* Set type and negative. */
- a->type = WOLFSSL_V_ASN1_INTEGER;
- if (wolfSSL_BN_is_negative(bn) && !wolfSSL_BN_is_zero(bn)) {
- a->negative = 1;
- a->type |= WOLFSSL_V_ASN1_NEG_INTEGER;
- }
- /* Get length in bytes of encoded number. */
- len = wolfSSL_BN_num_bytes(bn);
- if (len == 0) {
- len = 1;
- }
- /* Get length in bits of encoded number. */
- numBits = wolfSSL_BN_num_bits(bn);
- /* Leading zero required if most-significant byte has top bit set. */
- if ((numBits > 0) && (numBits % 8) == 0) {
- firstByte = 0x80;
- }
- /* Get length of header based on length of number. */
- length = SetASNInt(len, firstByte, NULL);
- /* Add number of bytes to encode number. */
- length += len;
- /* Update data field to handle length. */
- if (wolfssl_asn1_integer_require_len(a, length, 0) != 1) {
- err = 1;
- }
- }
- if (!err) {
- /* Write ASN.1 header. */
- int idx = SetASNInt(len, firstByte, a->data);
- /* Populate data. */
- if (numBits == 0) {
- a->data[idx] = 0;
- }
- else {
- /* Add encoded number. */
- len = wolfSSL_BN_bn2bin(bn, a->data + idx);
- if (len < 0) {
- err = 1;
- }
- }
- /* Set length to encoded length. */
- a->length = idx + len;
- }
- if (err) {
- /* Can't use ASN.1 INTEGER object. */
- if (a != ai) {
- wolfSSL_ASN1_INTEGER_free(a);
- }
- a = NULL;
- }
- return a;
- }
- /* Get the value of the ASN.1 INTEGER as a long.
- *
- * Returning 0 on NULL and -1 on error is consistent with OpenSSL.
- *
- * @param [in] a ASN.1 INTEGER object.
- * @return Value as a long.
- * @return 0 when a is NULL.
- * @return -1 when a big number operation fails.
- */
- long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* a)
- {
- long ret = 1;
- WOLFSSL_BIGNUM* bn = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_INTEGER_get");
- /* Validate parameter. */
- if (a == NULL) {
- ret = 0;
- }
- if (ret > 0) {
- /* Create a big number from the DER encoding. */
- bn = wolfSSL_ASN1_INTEGER_to_BN(a, NULL);
- if (bn == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret > 0) {
- /* Get the big number as a word. */
- ret = (long)wolfSSL_BN_get_word(bn);
- /* Negate number of ASN.1 INTEGER was negative. */
- if (a->negative == 1) {
- ret = -ret;
- }
- }
- /* Dispose of big number as no longer needed. */
- if (bn != NULL) {
- wolfSSL_BN_free(bn);
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_INTEGER_get", (int)ret);
- return ret;
- }
- /* Sets the value of the ASN.1 INTEGER object to the long value.
- *
- * @param [in, out] a ASN.1 INTEGER object.
- * @param [in] v Value to set.
- * @return 1 on success.
- * @return 0 when a is NULL.
- */
- int wolfSSL_ASN1_INTEGER_set(WOLFSSL_ASN1_INTEGER *a, long v)
- {
- int ret = 1;
- /* Validate parameters. */
- if (a == NULL) {
- ret = 0;
- }
- if (ret == 1) {
- byte j;
- unsigned int i = 0;
- byte tmp[sizeof(long)];
- byte pad = 0;
- wolfssl_asn1_integer_reset_data(a);
- /* Check for negative. */
- if (v < 0) {
- /* Set negative and 2's complement the value. */
- a->negative = 1;
- a->type |= WOLFSSL_V_ASN1_NEG;
- v = -v;
- }
- /* Put value into temporary buffer - at least one byte encoded. */
- tmp[0] = (byte)(v & 0xff);
- v >>= 8;
- for (j = 1; j < (byte)sizeof(long); j++) {
- if (v == 0) {
- break;
- }
- tmp[j] = (byte)(v & 0xff);
- v >>= 8;
- }
- /* Pad with 0x00 to indicate positive number when top bit set. */
- if ((!a->negative) && (tmp[j-1] & 0x80)) {
- pad = 1;
- }
- /* Set tag. */
- a->data[i++] = ASN_INTEGER;
- /* Set length of encoded value. */
- a->data[i++] = pad + j;
- /* Set length of DER encoding. +2 for tag and length */
- a->length = 2 + pad + j;
- /* Add pad byte if required. */
- if (pad == 1) {
- a->data[i++] = 0;
- }
- /* Copy in data. */
- for (; j > 0; j--) {
- a->data[i++] = tmp[j-1];
- }
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_OBJECT APIs
- ******************************************************************************/
- #if !defined(NO_ASN)
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Create a new ASN.1 OBJECT_ID object.
- *
- * @return ASN.1 OBJECT_ID object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void)
- {
- WOLFSSL_ASN1_OBJECT* obj;
- /* Allocate memory for new ASN.1 OBJECT. */
- obj = (WOLFSSL_ASN1_OBJECT*)XMALLOC(sizeof(WOLFSSL_ASN1_OBJECT), NULL,
- DYNAMIC_TYPE_ASN1);
- if (obj != NULL) {
- XMEMSET(obj, 0, sizeof(WOLFSSL_ASN1_OBJECT));
- /* Setup pointers. */
- obj->d.ia5 = &(obj->d.ia5_internal);
- #if defined(OPENSSL_ALL)
- obj->d.iPAddress = &(obj->d.iPAddress_internal);
- #endif
- /* Object was allocated. */
- obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
- }
- return obj;
- }
- /* Dispose of any ASN.1 OBJECT_ID dynamically allocated data.
- *
- * Do not use obj after calling this function.
- *
- * @param [in, out] obj ASN.1 OBJECT_ID object.
- */
- void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj)
- {
- if (obj != NULL) {
- /* Check for dynamically allocated copy of encoded data. */
- if ((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) != 0) {
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_MSG("Freeing ASN1 data");
- #endif
- XFREE((void*)obj->obj, obj->heap, DYNAMIC_TYPE_ASN1);
- obj->obj = NULL;
- }
- #if defined(OPENSSL_EXTRA)
- /* Check for path length ASN.1 INTEGER - X.509 extension. */
- if (obj->pathlen != NULL) {
- wolfSSL_ASN1_INTEGER_free(obj->pathlen);
- obj->pathlen = NULL;
- }
- #endif
- /* Check whether object was dynamically allocated. */
- if ((obj->dynamic & WOLFSSL_ASN1_DYNAMIC) != 0) {
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_MSG("Freeing ASN1 OBJECT");
- #endif
- XFREE(obj, NULL, DYNAMIC_TYPE_ASN1);
- }
- }
- }
- /* Duplicate the ASN.1 OBJECT_ID object.
- *
- * @param [in] obj ASN.1 OBJECT_ID object to copy.
- * @return New ASN.1 OBJECT_ID object on success.
- * @return NULL when obj is NULL or dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj)
- {
- WOLFSSL_ASN1_OBJECT* dupl = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_OBJECT_dup");
- /* Validate parameter. */
- if (obj == NULL) {
- WOLFSSL_MSG("Bad parameter");
- }
- /* Create a new ASN.1 OBJECT_ID object to return. */
- else if ((dupl = wolfSSL_ASN1_OBJECT_new()) == NULL) {
- WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new error");
- }
- if (dupl != NULL) {
- /* Copy short name. */
- XMEMCPY(dupl->sName, obj->sName, WOLFSSL_MAX_SNAME);
- /* Copy simple fields. */
- dupl->type = obj->type;
- dupl->grp = obj->grp;
- dupl->nid = obj->nid;
- dupl->objSz = obj->objSz;
- #ifdef OPENSSL_EXTRA
- dupl->ca = obj->ca;
- #endif
- /* Check for encoding. */
- if (obj->obj) {
- /* Allocate memory for ASN.1 OBJECT_ID DER encoding. */
- dupl->obj = (const unsigned char*)XMALLOC(obj->objSz, NULL,
- DYNAMIC_TYPE_ASN1);
- if (dupl->obj == NULL) {
- WOLFSSL_MSG("ASN1 obj malloc error");
- wolfSSL_ASN1_OBJECT_free(dupl);
- dupl = NULL;
- }
- else {
- /* Encoding buffer was dynamically allocated. */
- dupl->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
- /* Copy DER encoding. */
- XMEMCPY((byte*)dupl->obj, obj->obj, obj->objSz);
- }
- }
- }
- return dupl;
- }
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #endif /* !NO_ASN */
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /**
- * Parse DER encoding and return header information.
- *
- * *in is moved to the value of the ASN1 object
- *
- * @param [in, out] in Pointer to BER encoded data.
- * @param [out] len Length of parsed ASN1 object
- * @param [out] tag Tag value of parsed ASN1 object
- * @param [out] cls Class of parsed ASN1 object
- * @param [in] inLen Length of *in buffer
- * @return int Depends on which bits are set in the returned int:
- * 0x80 an error occurred during parsing.
- * 0x20 parsed object is constructed.
- * 0x01 the parsed object length is indefinite.
- */
- int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag,
- int *cls, long inLen)
- {
- int err = 0;
- word32 inOutIdx = 0;
- int l = 0;
- byte t = 0;
- int ret = 0x80;
- WOLFSSL_ENTER("wolfSSL_ASN1_get_object");
- if ((in == NULL) || (*in == NULL) || (len == NULL) || (tag == NULL) ||
- (cls == NULL) || (inLen <= 0)) {
- WOLFSSL_MSG("Bad parameter");
- err = 1;
- }
- if (!err) {
- /* Length at least 1, parameters valid - cannot fail to get tag. */
- GetASNTag(*in, &inOutIdx, &t, (word32)inLen);
- /* Get length in DER encoding. */
- if (GetLength_ex(*in, &inOutIdx, &l, (word32)inLen, 0) < 0) {
- WOLFSSL_MSG("GetLength error");
- err = 1;
- }
- }
- if (!err) {
- /* Return header information. */
- *tag = t & ASN_TYPE_MASK; /* Tag number is 5 lsb */
- *cls = t & ASN_CLASS_MASK; /* Class is 2 msb */
- *len = l;
- ret = t & ASN_CONSTRUCTED;
- if (l > (int)(inLen - inOutIdx)) {
- /* Still return other values but indicate error in msb */
- ret |= 0x80;
- }
- /* Move pointer to after DER header. */
- *in += inOutIdx;
- }
- return ret;
- }
- int wolfssl_asn1_obj_set(WOLFSSL_ASN1_OBJECT* obj, const byte* der, word32 len,
- int addHdr)
- {
- word32 idx = 0;
- if (obj == NULL || der == NULL || len == 0)
- return WOLFSSL_FAILURE;
- if (addHdr)
- idx = SetHeader(ASN_OBJECT_ID, (word32)len, NULL, 0);
- if (obj->obj != NULL) {
- XFREE((void*)obj->obj, obj->heap, DYNAMIC_TYPE_ASN1);
- obj->obj = NULL;
- obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
- }
- obj->obj =(unsigned char*)XMALLOC(idx + len, obj->heap, DYNAMIC_TYPE_ASN1);
- if (obj->obj == NULL)
- return WOLFSSL_FAILURE;
- if (addHdr)
- SetHeader(ASN_OBJECT_ID, (word32)len, (byte*)obj->obj, 0);
- XMEMCPY((byte*)obj->obj + idx, der, len);
- obj->objSz = (unsigned int)(idx + len);
- obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
- return WOLFSSL_SUCCESS;
- }
- /* Creates and ASN.1 OBJECT_ID object from DER encoding.
- *
- * @param [out] a Pointer to return new ASN.1 OBJECT_ID through.
- * @param [in, out] der Pointer to buffer holding DER encoding.
- * @param [in] length Length of DER encoding in bytes.
- * @return New ASN.1 OBJECT_ID object on success.
- * @return NULL when der or *der is NULL or length is less than or equal zero.
- * @return NULL when not an OBJECT_ID or decoding fails.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
- const unsigned char **der, long length)
- {
- WOLFSSL_ASN1_OBJECT* ret = NULL;
- int len = 0;
- word32 idx = 0;
- WOLFSSL_ENTER("wolfSSL_d2i_ASN1_OBJECT");
- /* Validate parameters. */
- if ((der == NULL) || (*der == NULL) || (length <= 0)) {
- WOLFSSL_MSG("Bad parameter");
- return NULL;
- }
- if (GetASNHeader(*der, ASN_OBJECT_ID, &idx, &len, (word32)length) < 0) {
- WOLFSSL_MSG("error getting tag");
- return NULL;
- }
- if (len <= 0) {
- WOLFSSL_MSG("zero length");
- return NULL;
- }
- ret = wolfSSL_ASN1_OBJECT_new();
- if (ret == NULL) {
- WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new error");
- return NULL;
- }
- if (wolfssl_asn1_obj_set(ret, *der, idx + len, 0) != WOLFSSL_SUCCESS) {
- wolfSSL_ASN1_OBJECT_free(ret);
- return NULL;
- }
- *der += idx + len;
- if (a != NULL) {
- if (*a != NULL)
- wolfSSL_ASN1_OBJECT_free(*a);
- *a = ret;
- }
- return ret;
- }
- /* Write out DER encoding of ASN.1 OBJECT_ID.
- *
- * When pp is NULL, length is returned.
- * When pp points to NULL, a new buffer is allocated and returned through pp.
- * When pp points to a buffer, it is moved on past encoded data on success.
- *
- * @param [in] a ASN.1 OBJECT_ID object.
- * @param [in, out] pp Pointer to buffer to write to. May be NULL.
- * @return Length of encoding on success.
- * @return 0 when a or encoding buffer is NULL.
- * @return 0 when dynamic memory allocation fails.
- */
- int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp)
- {
- int len = 0;
- WOLFSSL_ENTER("wolfSSL_i2d_ASN1_OBJECT");
- /* Validate parameters */
- if ((a == NULL) || (a->obj == NULL)) {
- WOLFSSL_MSG("Bad parameters");
- }
- /* Only return length when no pointer supplied. */
- else if (pp == NULL) {
- len = (int)a->objSz;
- }
- else {
- byte *p = NULL;
- /* Check if we have a buffer to encode into. */
- if (*pp == NULL) {
- /* Allocate a new buffer to return. */
- p = (byte*)XMALLOC(a->objSz, NULL, DYNAMIC_TYPE_OPENSSL);
- if (p == NULL) {
- WOLFSSL_MSG("Bad malloc");
- }
- else {
- /* Return allocated buffer. */
- *pp = p;
- }
- }
- /* Check we have a buffer to encode into. */
- if (*pp != NULL) {
- /* Copy in DER encoding. */
- XMEMCPY(*pp, a->obj, a->objSz);
- /* Move on pointer if user supplied. */
- if (p == NULL) {
- *pp += a->objSz;
- }
- /* Return length of DER encoding. */
- len = (int)a->objSz;
- }
- }
- return len;
- }
- /* Create an ASN.1 OBJECT_ID object from the content octets.
- *
- * @param [out] a Pointer to return ASN.1 OBJECT_ID object.
- * @param [in, out] pp Pointer to buffer holding content octets.
- * @param [in] len Length of content octets in bytes.
- * @return New ASN.1 OBJECT_ID object on success.
- * @return NULL when pp or *pp is NULL or length is less than or equal zero.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
- const unsigned char **pp, long len)
- {
- WOLFSSL_ASN1_OBJECT* ret = NULL;
- WOLFSSL_ENTER("wolfSSL_c2i_ASN1_OBJECT");
- /* Validate parameters. */
- if ((pp == NULL) || (*pp == NULL) || (len <= 0)) {
- WOLFSSL_MSG("Bad parameter");
- return NULL;
- }
- /* Create a new ASN.1 OBJECT_ID object. */
- ret = wolfSSL_ASN1_OBJECT_new();
- if (ret == NULL) {
- WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new error");
- return NULL;
- }
- if (wolfssl_asn1_obj_set(ret, *pp, (word32)len, 1) != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("wolfssl_asn1_obj_set error");
- wolfSSL_ASN1_OBJECT_free(ret);
- return NULL;
- }
- /* Move pointer to after data copied out. */
- *pp += len;
- /* Return ASN.1 OBJECT_ID object through a if required. */
- if (a != NULL) {
- if (*a != NULL)
- wolfSSL_ASN1_OBJECT_free(*a);
- *a = ret;
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- #ifdef OPENSSL_EXTRA
- /* Write at most buf_len bytes of textual representation of ASN.1 OBJECT_ID.
- *
- * @param [in, out] buf Buffer to write to.
- * @param [in] buf_len Length of buffer in bytes.
- * @param [in] a ASN.1 OBJECT_ID object.
- * @return Number of bytes written on success.
- * @return 0 on failure.
- */
- int wolfSSL_i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a)
- {
- WOLFSSL_ENTER("wolfSSL_i2t_ASN1_OBJECT");
- return wolfSSL_OBJ_obj2txt(buf, buf_len, a, 0);
- }
- #ifndef NO_BIO
- /* Write out the text encoding of the ASN.1 OBJECT_ID.
- *
- * @param [in] bp BIO to write to.
- * @param [in] a ASN.1 OBJECT_ID object.
- * @return Number of bytes written on success.
- * @return 0 on failure.
- */
- int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a)
- {
- int length = 0;
- int cLen = 0;
- word32 idx = 0;
- const char null_str[] = "NULL";
- const char invalid_str[] = "<INVALID>";
- char buf[80];
- WOLFSSL_ENTER("wolfSSL_i2a_ASN1_OBJECT");
- /* Validate parameters. */
- if (bp == NULL) {
- /* Do nothing. */
- }
- /* NULL object is written as "NULL". */
- else if (a == NULL) {
- /* Write "NULL" - as done in OpenSSL. */
- length = wolfSSL_BIO_write(bp, null_str, (int)XSTRLEN(null_str));
- }
- /* Try getting text version and write it out. */
- else if ((length = wolfSSL_i2t_ASN1_OBJECT(buf, sizeof(buf), a)) > 0) {
- length = wolfSSL_BIO_write(bp, buf, length);
- }
- /* Look for DER header. */
- else if ((a->obj == NULL) || (a->obj[idx++] != ASN_OBJECT_ID)) {
- WOLFSSL_MSG("Bad ASN1 Object");
- }
- /* Get length from DER header. */
- else if (GetLength((const byte*)a->obj, &idx, &cLen, a->objSz) < 0) {
- length = 0;
- }
- else {
- /* Write out "<INVALID>" and dump content. */
- length = wolfSSL_BIO_write(bp, invalid_str, (int)XSTRLEN(invalid_str));
- length += wolfSSL_BIO_dump(bp, (const char*)(a->obj + idx), cLen);
- }
- return length;
- }
- #endif /* !NO_BIO */
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_SK_OBJECT APIs
- ******************************************************************************/
- #if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && !defined(NO_ASN)
- /* Create a new WOLFSSL_ASN1_OBJECT stack.
- *
- * @return New WOLFSSL_ASN1_OBJECT stack on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_STACK* wolfSSL_sk_new_asn1_obj(void)
- {
- WOLFSSL_ENTER("wolfSSL_sk_new_asn1_obj");
- return wolfssl_sk_new_type(STACK_TYPE_OBJ);
- }
- /* Dispose of WOLFSL_ASN1_OBJECT stack.
- *
- * @param [in, out] sk Stack to free nodes in.
- */
- void wolfSSL_sk_ASN1_OBJECT_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk)
- {
- /* Dispose of stack. */
- wolfSSL_sk_free(sk);
- }
- /* Dispose of all ASN.1 OBJECT_ID objects in ASN1_OBJECT stack.
- *
- * This is different then wolfSSL_ASN1_OBJECT_free in that it allows for
- * choosing the function to use when freeing an ASN1_OBJECT stack.
- *
- * @param [in, out] sk ASN.1 OBJECT_ID stack to free.
- * @param [in] f Free function to apply to each ASN.1 OBJECT_ID object.
- */
- void wolfSSL_sk_ASN1_OBJECT_pop_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk,
- void (*f) (WOLFSSL_ASN1_OBJECT*))
- {
- WOLFSSL_ENTER("wolfSSL_sk_ASN1_OBJECT_pop_free");
- wolfSSL_sk_pop_free(sk, (wolfSSL_sk_freefunc)f);
- }
- /* Push a WOLFSSL_ASN1_OBJECT onto stack.
- *
- * @param [in, out] sk ASN.1 OBJECT_ID stack.
- * @param [in] obj ASN.1 OBJECT_ID object to push on. Cannot be NULL.
- * @return 1 on success.
- * @return 0 when sk or obj is NULL.
- * @return 0 when dynamic memory allocation fails.
- */
- int wolfSSL_sk_ASN1_OBJECT_push(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk,
- WOLFSSL_ASN1_OBJECT* obj)
- {
- WOLFSSL_ENTER("wolfSSL_sk_ASN1_OBJECT_push");
- return wolfSSL_sk_push(sk, obj);
- }
- /* Pop off a WOLFSSL_ASN1_OBJECT from the stack.
- *
- * @param [in, out] sk ASN.1 OBJECT_ID stack.
- * @return ASN.1 OBJECT_ID object on success.
- * @return NULL when stack is NULL or no nodes left in stack.
- */
- WOLFSSL_ASN1_OBJECT* wolfSSL_sk_ASN1_OBJECT_pop(
- WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk)
- {
- return (WOLFSSL_ASN1_OBJECT*)wolfssl_sk_pop_type(sk, STACK_TYPE_OBJ);
- }
- #endif /* (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) && !NO_ASN */
- /*******************************************************************************
- * ASN1_STRING APIs
- ******************************************************************************/
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Create a new ASN.1 STRING object.
- *
- * @return New ASN.1 STRING object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void)
- {
- WOLFSSL_ASN1_STRING* asn1;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_new");
- #endif
- asn1 = (WOLFSSL_ASN1_STRING*)XMALLOC(sizeof(WOLFSSL_ASN1_STRING), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (asn1 != NULL) {
- XMEMSET(asn1, 0, sizeof(WOLFSSL_ASN1_STRING));
- }
- return asn1;
- }
- /* Create a new ASN.1 STRING object.
- *
- * @param [in] type Encoding type.
- * @return New ASN.1 STRING object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type)
- {
- WOLFSSL_ASN1_STRING* asn1;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_type_new");
- #endif
- asn1 = wolfSSL_ASN1_STRING_new();
- if (asn1 != NULL) {
- asn1->type = type;
- }
- return asn1;
- }
- /* Dispose of ASN.1 STRING object.
- *
- * @param [in, out] asn1 ASN.1 STRING object.
- */
- void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1)
- {
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_free");
- #endif
- /* Check we have an object to free. */
- if (asn1 != NULL) {
- /* Dispose of dynamic data. */
- if ((asn1->length > 0) && asn1->isDynamic) {
- XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- }
- /* Dispose of ASN.1 STRING object. */
- XFREE(asn1, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- /* Copy an ASN.1 STRING object from src into dest.
- *
- * @param [in, out] dest ASN.1 STRING object to copy into.
- * @param [in] src ASN.1 STRING object to copy from.
- */
- int wolfSSL_ASN1_STRING_copy(WOLFSSL_ASN1_STRING* dest,
- const WOLFSSL_ASN1_STRING* src)
- {
- int ret = 1;
- /* Validate parameters. */
- if ((src == NULL) || (dest == NULL)) {
- ret = 0;
- }
- /* Set the DER encoding. */
- if ((ret == 1) && (wolfSSL_ASN1_STRING_set(dest, src->data, src->length) !=
- 1)) {
- ret = 0;
- }
- if (ret == 1) {
- /* Copy simple fields. */
- dest->type = src->type;
- dest->flags = src->flags;
- }
- return ret;
- }
- /* Duplicate an ASN.1 STRING object.
- *
- * @param [in] asn1 ASN.1 STRING object to duplicate.
- * @return New ASN.1 STRING object on success.
- * @return NULL when asn1 is NULL or dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_dup(WOLFSSL_ASN1_STRING* asn1)
- {
- WOLFSSL_ASN1_STRING* dupl = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_dup");
- /* Check we have an object to duplicate. */
- if (asn1 == NULL) {
- WOLFSSL_MSG("Bad parameter");
- }
- else {
- /* Create a new ASN.1 STRING object. */
- dupl = wolfSSL_ASN1_STRING_new();
- if (dupl == NULL) {
- WOLFSSL_MSG("wolfSSL_ASN1_STRING_new error");
- }
- }
- if (dupl != NULL) {
- /* Copy the contents. */
- if (wolfSSL_ASN1_STRING_copy(dupl, asn1) != 1) {
- WOLFSSL_MSG("wolfSSL_ASN1_STRING_copy error");
- /* Dispose of duplicate and return NULL. */
- wolfSSL_ASN1_STRING_free(dupl);
- dupl = NULL;
- }
- }
- return dupl;
- }
- /* Compare two ASN.1 STRING objects.
- *
- * Compares type when data the same.
- *
- * @param [in] a First ASN.1 STRING object.
- * @param [in] b Second ASN.1 STRING object.
- * @return Negative value when a is less than b.
- * @return 0 when a equals b.
- * @return Positive value when a is greater than b.
- * @return WOLFSSL_FATAL_ERROR when a or b is NULL.
- */
- int wolfSSL_ASN1_STRING_cmp(const WOLFSSL_ASN1_STRING *a,
- const WOLFSSL_ASN1_STRING *b)
- {
- int ret;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_cmp");
- /* Validate parameters. */
- if ((a == NULL) || (b == NULL)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- /* Compare length of data. */
- else if (a->length != b->length) {
- ret = a->length - b->length;
- }
- /* Compare data. */
- else if ((ret = XMEMCMP(a->data, b->data, (size_t)a->length)) == 0) {
- /* Compare ASN.1 types - wolfSSL_ASN1_STRING_type_new(). */
- ret = a->type - b->type;
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #if defined(OPENSSL_EXTRA)
- #if !defined(NO_CERTS)
- #ifndef NO_WOLFSSL_STUB
- WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn,
- const unsigned char **in, long len)
- {
- WOLFSSL_STUB("d2i_DISPLAYTEXT");
- (void)asn;
- (void)in;
- (void)len;
- return NULL;
- }
- #endif
- #endif /* !NO_CERTS */
- #endif /* OPENSSL_EXTRA */
- #ifndef NO_ASN
- #if defined(OPENSSL_EXTRA)
- /* Convert ASN.1 STRING that is UniversalString type to PrintableString type.
- *
- * @param [in, out] s ASN.1 STRING object to convert.
- * @return 1 on success.
- * @return 0 when s is NULL.
- * @return 0 when type is not UniversalString or string is not of that format.
- */
- int wolfSSL_ASN1_UNIVERSALSTRING_to_string(WOLFSSL_ASN1_STRING *s)
- {
- int ret = 1;
- char* p;
- WOLFSSL_ENTER("wolfSSL_ASN1_UNIVERSALSTRING_to_string");
- /* Validate parameter. */
- if (s == NULL) {
- WOLFSSL_MSG("Bad parameter");
- ret = 0;
- }
- /* Check type of ASN.1 STRING. */
- if ((ret == 1) && (s->type != WOLFSSL_V_ASN1_UNIVERSALSTRING)) {
- WOLFSSL_MSG("Input is not a universal string");
- ret = 0;
- }
- /* Check length is indicative of UNIVERSAL_STRING. */
- if ((ret == 1) && ((s->length % 4) != 0)) {
- WOLFSSL_MSG("Input string must be divisible by 4");
- ret = 0;
- }
- if (ret == 1) {
- /* Ensure each UniversalString character looks right. */
- for (p = s->data; p < s->data + s->length; p += 4)
- if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
- break;
- /* Check whether we failed loop early. */
- if (p != s->data + s->length) {
- WOLFSSL_MSG("Wrong string format");
- ret = 0;
- }
- }
- if (ret == 1) {
- char* copy;
- /* Strip first three bytes of each four byte character. */
- for (copy = p = s->data; p < s->data + s->length; p += 4) {
- *copy++ = p[3];
- }
- /* Place NUL on end. */
- *copy = '\0';
- /* Update length and type. */
- s->length /= 4;
- s->type = WOLFSSL_V_ASN1_PRINTABLESTRING;
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA */
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Convert ASN.1 STRING to UTF8 encoding.
- *
- * Assumes stored encoding is UTF8.
- * Returned buffer should be freed using OPENSSL_free().
- *
- * @param [out] out Pointer to return allocated string.
- * @param [in] asn1 ASN.1 STRING object.
- * @return Length of string, excluding NUL, on success.
- * @return -1 when out or asn1 is NULL.
- * @return -1 when no data to return.
- * @return -1 dynamic memory allocation fails.
- */
- int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *asn1)
- {
- unsigned char* buf = NULL;
- unsigned char* data = NULL;
- int len = -1;
- /* Validate parameters. */
- if ((out != NULL) && (asn1 != NULL)) {
- /* Get data and length. */
- data = wolfSSL_ASN1_STRING_data(asn1);
- len = wolfSSL_ASN1_STRING_length(asn1);
- /* Check data and length are usable. */
- if ((data == NULL) || (len < 0)) {
- len = WOLFSSL_FATAL_ERROR;
- }
- }
- if (len != -1) {
- /* Allocate buffer to hold string and NUL. */
- buf = (unsigned char*)XMALLOC((size_t)(len + 1), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (buf == NULL) {
- len = WOLFSSL_FATAL_ERROR;
- }
- }
- if (len != -1) {
- /* Copy in string - NUL always put on end of stored string. */
- XMEMCPY(buf, data, (size_t)(len + 1));
- /* Return buffer. */
- *out = buf;
- }
- return len;
- }
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /* Encode ASN.1 STRING data as hex digits separated by colon.
- *
- * Assumes length is greater than 0.
- *
- * @param [in] s ASN.1 STRING object.
- * @return Buffer containing string representation on success.
- * @return NULL when dynamic memory allocation fails.
- * @return NULL when encoding a character as hex fails.
- */
- static char* wolfssl_asn1_string_to_hex_chars(const WOLFSSL_ASN1_STRING *s)
- {
- char* tmp;
- int tmpSz = s->length * 3;
- tmp = (char*)XMALLOC((size_t)tmpSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- WOLFSSL_MSG("Memory Error");
- }
- else {
- int i;
- unsigned char* str = (unsigned char*)s->data;
- /* Put out all but last character as a hex digit with ':'. */
- for (i = 0; i < s->length; i++) {
- /* Put in hex digit string at end of tmp. */
- ByteToHexStr(str[i], tmp + i * 3);
- /* Check not last character. */
- if (i < s->length - 1) {
- /* Put in separator: ':'. */
- tmp[i * 3 + 2] = ':';
- }
- /* Last character. */
- else {
- /* Put in NUL to terminate string. */
- tmp[i * 3 + 2] = '\0';
- }
- }
- }
- return tmp;
- }
- /* Create a string encoding of ASN.1 STRING object.
- *
- * @param [in] method Method table. Unused.
- * @param [in] s ASN.1 STRING object.
- * @return Buffer containing string representation on success.
- * @return NULL when s or data is NULL.
- * @return NULL when dynamic memory allocation fails.
- * @return NULL when encoding a character as hex fails.
- */
- char* wolfSSL_i2s_ASN1_STRING(WOLFSSL_v3_ext_method *method,
- const WOLFSSL_ASN1_STRING *s)
- {
- char* ret = NULL;
- WOLFSSL_ENTER("wolfSSL_i2s_ASN1_STRING");
- (void)method;
- /* Validate parameters. */
- if ((s == NULL) || (s->data == NULL)) {
- WOLFSSL_MSG("Bad Function Argument");
- }
- /* Handle 0 length data separately. */
- else if (s->length == 0) {
- ret = (char *)XMALLOC(1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (ret != NULL) {
- ret[0] = '\0';
- }
- }
- else {
- /* Convert unreadable strings to hexadecimal. */
- ret = wolfssl_asn1_string_to_hex_chars(s);
- }
- return ret;
- }
- static int i2d_ASN1_STRING(WOLFSSL_ASN1_STRING* s,
- unsigned char **pp, byte tag)
- {
- int idx;
- int len;
- unsigned char* out;
- if (s == NULL || s->data == NULL || s->length == 0)
- return WOLFSSL_FATAL_ERROR;
- len = SetHeader(tag, s->length, NULL, 0) + s->length;
- if (pp == NULL)
- return len;
- if (*pp == NULL) {
- out = (unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1);
- if (out == NULL)
- return WOLFSSL_FATAL_ERROR;
- }
- else {
- out = *pp;
- }
- idx = (int)SetHeader(tag, s->length, out, 0);
- XMEMCPY(out + idx, s->data, s->length);
- if (*pp == NULL)
- *pp = out;
- else
- *pp += len;
- return len;
- }
- int wolfSSL_i2d_ASN1_GENERALSTRING(WOLFSSL_ASN1_STRING* s, unsigned char **pp)
- {
- WOLFSSL_ENTER("wolfSSL_i2d_ASN1_GENERALSTRING");
- return i2d_ASN1_STRING(s, pp, ASN_GENERALSTRING);
- }
- int wolfSSL_i2d_ASN1_OCTET_STRING(WOLFSSL_ASN1_STRING* s, unsigned char **pp)
- {
- WOLFSSL_ENTER("wolfSSL_i2d_ASN1_OCTET_STRING");
- return i2d_ASN1_STRING(s, pp, ASN_OCTET_STRING);
- }
- int wolfSSL_i2d_ASN1_UTF8STRING(WOLFSSL_ASN1_STRING* s, unsigned char **pp)
- {
- WOLFSSL_ENTER("wolfSSL_i2d_ASN1_UTF8STRING");
- return i2d_ASN1_STRING(s, pp, ASN_UTF8STRING);
- }
- int wolfSSL_i2d_ASN1_SEQUENCE(WOLFSSL_ASN1_STRING* s,
- unsigned char **pp)
- {
- unsigned char* out;
- if (s == NULL || s->data == NULL || s->length == 0)
- return WOLFSSL_FATAL_ERROR;
- if (pp == NULL)
- return s->length;
- if (*pp == NULL) {
- out = (unsigned char*)XMALLOC(s->length, NULL, DYNAMIC_TYPE_ASN1);
- if (out == NULL)
- return WOLFSSL_FATAL_ERROR;
- }
- else {
- out = *pp;
- }
- XMEMCPY(out, s->data, s->length);
- if (*pp == NULL)
- *pp = out;
- else
- *pp += s->length;
- return s->length;
- }
- static WOLFSSL_ASN1_STRING* d2i_ASN1_STRING(WOLFSSL_ASN1_STRING** out,
- const byte** src, long len, byte expTag)
- {
- WOLFSSL_ASN1_STRING* ret = NULL;
- word32 idx = 0;
- byte tag = 0;
- int length = 0;
- WOLFSSL_ENTER("d2i_ASN1_STRING");
- if (src == NULL || *src == NULL || len == 0)
- return NULL;
- if (GetASNTag(*src, &idx, &tag, (word32)len) < 0)
- return NULL;
- if (tag != expTag)
- return NULL;
- if (GetLength(*src, &idx, &length, (word32)len) < 0)
- return NULL;
- ret = wolfSSL_ASN1_STRING_new();
- if (ret == NULL)
- return NULL;
- if (wolfSSL_ASN1_STRING_set(ret, *src + idx, length) != 1) {
- wolfSSL_ASN1_STRING_free(ret);
- return NULL;
- }
- if (out != NULL) {
- if (*out != NULL)
- wolfSSL_ASN1_STRING_free(*out);
- *out = ret;
- }
- *src += idx + length;
- return ret;
- }
- WOLFSSL_ASN1_STRING* wolfSSL_d2i_ASN1_GENERALSTRING(WOLFSSL_ASN1_STRING** out,
- const byte** src, long len)
- {
- WOLFSSL_ENTER("wolfSSL_d2i_ASN1_GENERALSTRING");
- return d2i_ASN1_STRING(out, src, len, ASN_GENERALSTRING);
- }
- WOLFSSL_ASN1_STRING* wolfSSL_d2i_ASN1_OCTET_STRING(WOLFSSL_ASN1_STRING** out,
- const byte** src, long len)
- {
- WOLFSSL_ENTER("wolfSSL_d2i_ASN1_OCTET_STRING");
- return d2i_ASN1_STRING(out, src, len, ASN_OCTET_STRING);
- }
- WOLFSSL_ASN1_STRING* wolfSSL_d2i_ASN1_UTF8STRING(WOLFSSL_ASN1_STRING** out,
- const byte** src, long len)
- {
- WOLFSSL_ENTER("wolfSSL_d2i_ASN1_UTF8STRING");
- return d2i_ASN1_STRING(out, src, len, ASN_UTF8STRING);
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- #endif /* NO_ASN */
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Get the type of encoding.
- *
- * @param [in] asn1 ASN.1 STRING object.
- * @return Encoding type on success.
- * @return 0 when asn1 is NULL or no encoding set.
- */
- int wolfSSL_ASN1_STRING_type(const WOLFSSL_ASN1_STRING* asn1)
- {
- int type = 0;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_type");
- #endif
- if (asn1 != NULL) {
- type = asn1->type;
- }
- return type;
- }
- #ifndef NO_CERTS
- /* Get the pointer that is the data.
- *
- * @param [in] asn ASN.1 STRING object.
- * @return Buffer with string on success.
- * @return NULL when asn is NULL or no data set.
- */
- const unsigned char* wolfSSL_ASN1_STRING_get0_data(
- const WOLFSSL_ASN1_STRING* asn)
- {
- char* data = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_get0_data");
- if (asn != NULL) {
- data = asn->data;
- }
- return (const unsigned char*)data;
- }
- /* Get the pointer that is the data.
- *
- * @param [in] asn ASN.1 STRING object.
- * @return Buffer with string on success.
- * @return NULL when asn is NULL or no data set.
- */
- unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn)
- {
- char* data = NULL;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data");
- #endif
- if (asn != NULL) {
- data = asn->data;
- }
- return (unsigned char*)data;
- }
- /* Get the length of the data.
- *
- * @param [in] asn ASN.1 STRING object.
- * @return String length on success.
- * @return 0 when asn is NULL or no data set.
- */
- int wolfSSL_ASN1_STRING_length(const WOLFSSL_ASN1_STRING* asn)
- {
- int len = 0;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_length");
- #endif
- if (asn) {
- len = asn->length;
- }
- return len;
- }
- #endif /* !NO_CERTS */
- /* Set the string data.
- *
- * When sz is less than 0, the string length will be calculated using XSTRLEN.
- *
- * @param [in, out] asn1 ASN.1 STRING object.
- * @param [in] data String data to set.
- * @param [in] sz Length of data to set in bytes.
- * @return 1 on success.
- * @return 0 when asn1 is NULL or data is NULL and sz is not zero.
- * @return 0 when dynamic memory allocation fails.
- */
- int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, int sz)
- {
- int ret = 1;
- #ifdef WOLFSSL_DEBUG_OPENSSL
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_set");
- #endif
- /* Validate parameters. */
- if ((asn1 == NULL) || ((data == NULL) && (sz != 0))) {
- ret = 0;
- }
- /* Calculate size from data if not passed in. */
- if ((ret == 1) && (sz < 0)) {
- sz = (int)XSTRLEN((const char*)data);
- if (sz < 0) {
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Dispose of any existing dynamic data. */
- if (asn1->isDynamic) {
- XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL);
- asn1->data = NULL;
- }
- /* Check string will fit - including NUL. */
- if (sz + 1 > CTC_NAME_SIZE) {
- /* Allocate new buffer. */
- asn1->data = (char*)XMALLOC((size_t)(sz + 1), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (asn1->data == NULL) {
- ret = 0;
- }
- else {
- /* Ensure buffer will be freed. */
- asn1->isDynamic = 1;
- }
- }
- else {
- /* Clear out fixed array and use it for data. */
- XMEMSET(asn1->strData, 0, CTC_NAME_SIZE);
- asn1->data = asn1->strData;
- asn1->isDynamic = 0;
- }
- }
- if (ret == 1) {
- /* Check if there is a string to copy. */
- if (data != NULL) {
- /* Copy string and append NUL. */
- XMEMCPY(asn1->data, data, (size_t)sz);
- asn1->data[sz] = '\0';
- }
- /* Set size of string. */
- asn1->length = sz;
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- #ifndef NO_CERTS
- /* Make a UTF8 canonical version of ASN.1 STRING object's data.
- *
- * @param [in, out] asn ASN.1 STRING to set.
- */
- static void wolfssl_asn1_string_canonicalize(WOLFSSL_ASN1_STRING* asn)
- {
- char* src = asn->data;
- char* p = asn->data + asn->length - 1;
- int len = asn->length;
- int i;
- /* Trim whitespace from the tail. */
- for (; (len > 0) && (XISSPACE((unsigned char)*p)); len--) {
- p--;
- }
- if (len > 0) {
- /* Trim whitespace from the head. */
- for (; XISSPACE((unsigned char)*src); len--) {
- src++;
- }
- }
- /* Output at the start. */
- p = asn->data;
- /* Process each character in string after trim. */
- for (i = 0; i < len; p++, i++) {
- /* Check for non-ascii character. */
- if (!XISASCII(*src)) {
- /* Keep non-ascii character as-is. */
- *p = *src++;
- }
- /* Check for whitespace. */
- else if (XISSPACE((unsigned char)*src)) {
- /* Only use space character for whitespace. */
- *p = 0x20;
- /* Skip any succeeding whitespace characters. */
- while (XISSPACE((unsigned char)*++src)) {
- i++;
- }
- }
- else {
- /* Convert to lower case. */
- *p = (char)XTOLOWER((unsigned char)*src++);
- }
- }
- /* Set actual length after canonicalization. */
- asn->length = (int)(p - asn->data);
- }
- /* Make a canonical version of ASN.1 STRING object in ASN.1 STRING object.
- *
- * @param [in, out] asn_out ASN.1 STRING object to set.
- * @param [in] asn_in ASN.1 STRING object to get data from.
- * @return 1 on success.
- * @return BAD_FUNC_ARG when asn_out or asn_in is NULL.
- * @return 0 when no data.
- * @return 0 when dynamic memory allocation fails.
- */
- int wolfSSL_ASN1_STRING_canon(WOLFSSL_ASN1_STRING* asn_out,
- const WOLFSSL_ASN1_STRING* asn_in)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_canon");
- /* Validate parameters. */
- if ((asn_out == NULL) || (asn_in == NULL)) {
- WOLFSSL_MSG("invalid function arguments");
- ret = BAD_FUNC_ARG;
- }
- if (ret == 1) {
- switch (asn_in->type) {
- case WOLFSSL_MBSTRING_UTF8:
- case WOLFSSL_V_ASN1_PRINTABLESTRING:
- /* Set type to UTF8. */
- asn_out->type = WOLFSSL_MBSTRING_UTF8;
- /* Dispose of any dynamic data already in asn_out. */
- if (asn_out->isDynamic) {
- XFREE(asn_out->data, NULL, DYNAMIC_TYPE_OPENSSL);
- asn_out->data = NULL;
- }
- /* Make ASN.1 STRING into UTF8 buffer. */
- asn_out->length = wolfSSL_ASN1_STRING_to_UTF8(
- (unsigned char**)&asn_out->data,
- (WOLFSSL_ASN1_STRING*)asn_in);
- /* Check for error from creating UTF8 string. */
- if (asn_out->length < 0) {
- ret = 0;
- }
- else {
- /* Data now dynamic after converting to UTF8. */
- asn_out->isDynamic = 1;
- /* Canonicalize the data. */
- wolfssl_asn1_string_canonicalize(asn_out);
- if (asn_out->length == 0) {
- /* Dispose of data if canonicalization removes all
- * characters. */
- XFREE(asn_out->data, NULL, DYNAMIC_TYPE_OPENSSL);
- asn_out->data = NULL;
- asn_out->isDynamic = 0;
- }
- }
- break;
- default:
- /* Unrecognized format - just copy. */
- WOLFSSL_MSG("just copy string");
- ret = wolfSSL_ASN1_STRING_copy(asn_out, asn_in);
- }
- }
- return ret;
- }
- #endif /* !NO_CERTS */
- #endif /* (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) && !WOLFCRYPT_ONLY */
- #if defined(OPENSSL_EXTRA)
- #if !defined(NO_ASN)
- #ifndef NO_BIO
- /* Returns boolean indicating character is unprintable.
- *
- * @param [in] c ASCII character.
- * @return 1 when character is unprintable.
- * @return 0 when character is printable.
- */
- static int wolfssl_unprintable_char(char c)
- {
- const unsigned char last_unprintable = 31;
- const unsigned char LF = 10; /* Line Feed */
- const unsigned char CR = 13; /* Carriage Return */
- return (c <= last_unprintable) && (c != LF) && (c != CR);
- }
- /* Print ASN.1 STRING to BIO.
- *
- * TODO: Unprintable characters conversion is destructive.
- *
- * @param [in] bio BIO to print to.
- * @param [in] str ASN.1 STRING to print.
- * @return Length of string written on success.
- * @return 0 when bio or str is NULL.
- * @return 0 when writing to BIO fails.
- */
- int wolfSSL_ASN1_STRING_print(WOLFSSL_BIO *bio, WOLFSSL_ASN1_STRING *str)
- {
- int len = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_print");
- /* Validate parameters. */
- if ((bio != NULL) && (str != NULL)) {
- int i;
- len = str->length;
- /* Convert all unprintable characters to '.'. */
- for (i = 0; i < len; i++) {
- if (wolfssl_unprintable_char(str->data[i])) {
- str->data[i] = '.';
- }
- }
- /* Write string to BIO. */
- if (wolfSSL_BIO_write(bio, str->data, len) != len) {
- len = 0;
- }
- }
- return len;
- }
- #endif /* !NO_BIO */
- #endif /* !NO_ASN */
- /* Get a string for the ASN.1 tag.
- *
- * @param [in] tag ASN.1 tag.
- * @return A string.
- */
- const char* wolfSSL_ASN1_tag2str(int tag)
- {
- static const char *const tag_label[31] = {
- "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", "NULL",
- "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", "ENUMERATED",
- "<ASN1 11>", "UTF8STRING", "<ASN1 13>", "<ASN1 14>", "<ASN1 15>",
- "SEQUENCE", "SET", "NUMERICSTRING", "PRINTABLESTRING", "T61STRING",
- "VIDEOTEXTSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME",
- "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", "UNIVERSALSTRING",
- "<ASN1 29>", "BMPSTRING"
- };
- const char* str = "(unknown)";
- /* Clear negative flag. */
- if ((tag == WOLFSSL_V_ASN1_NEG_INTEGER) || (tag == WOLFSSL_V_ASN1_NEG_ENUMERATED)) {
- tag &= ~WOLFSSL_V_ASN1_NEG;
- }
- /* Check for known basic types. */
- if ((tag >= 0) && (tag <= 30)) {
- str = tag_label[tag];
- }
- return str;
- }
- #ifndef NO_BIO
- /* Print out ASN.1 tag for the ASN.1 STRING to the BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] str ASN.1 STRING object.
- * @return Number of characters written on success.
- * @return 0 when BIO write fails.
- */
- static int wolfssl_string_print_type(WOLFSSL_BIO *bio, WOLFSSL_ASN1_STRING *str)
- {
- int type_len;
- const char *tag;
- /* Get tag and string length. */
- tag = wolfSSL_ASN1_tag2str(str->type);
- type_len = (int)XSTRLEN(tag);
- /* Write tag to BIO. */
- if (wolfSSL_BIO_write(bio, tag, type_len) != type_len){
- type_len = 0;
- }
- /* Write colon after tag string. */
- else if (wolfSSL_BIO_write(bio, ":", 1) != 1) {
- type_len = 0;
- }
- else {
- /* Written colon - update count. */
- type_len++;
- }
- return type_len;
- }
- /* Dump hex digit representation of each string character to BIO.
- *
- * TODO: Assumes length is only one byte ie less than 128 characters long.
- *
- * @param [in] bio BIO to write to.
- * @param [in] str ASN.1 STRING object.
- * @param [in] asDer Whether to write out as a DER encoding.
- * @return Number of characters written to BIO on success.
- * @return -1 when writing to BIO fails.
- */
- static int wolfssl_asn1_string_dump_hex(WOLFSSL_BIO *bio,
- WOLFSSL_ASN1_STRING *str, int asDer)
- {
- const char* hash="#";
- char hex_tmp[4];
- int str_len = 1;
- /* Write out hash character to indicate hex string. */
- if (wolfSSL_BIO_write(bio, hash, 1) != 1) {
- str_len = WOLFSSL_FATAL_ERROR;
- }
- else {
- /* Check if we are to write out DER header. */
- if (asDer) {
- /* Encode tag and length as hex into temporary. */
- ByteToHexStr((byte)str->type, &hex_tmp[0]);
- ByteToHexStr((byte)str->length, &hex_tmp[2]);
- /* Update count of written characters: tag and length. */
- str_len += 4;
- /* Write out tag and length as hex digits. */
- if (wolfSSL_BIO_write(bio, hex_tmp, 4) != 4) {
- str_len = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- if (str_len != -1) {
- char* p;
- char* end;
- /* Calculate end of string. */
- end = str->data + str->length - 1;
- for (p = str->data; p <= end; p++) {
- /* Encode string character as hex into temporary. */
- ByteToHexStr((byte)*p, hex_tmp);
- /* Update count of written characters. */
- str_len += 2;
- /* Write out character as hex digites. */
- if (wolfSSL_BIO_write(bio, hex_tmp, 2) != 2) {
- str_len = WOLFSSL_FATAL_ERROR;
- break;
- }
- }
- }
- return str_len;
- }
- /* Check whether character needs to be escaped.
- *
- * @param [in] c Character to check for.
- * @param [in] str String to check.
- * @return 1 when character found.
- * @return 0 when character not found.
- */
- static int wolfssl_check_esc_char(char c)
- {
- int ret = 0;
- const char esc_ch[] = "+;<>\\";
- const char* p = esc_ch;
- /* Check if character matches any of those needing escaping. */
- for (; (*p) != '\0'; p++) {
- /* Check if character matches escape character. */
- if (c == (*p)) {
- ret = 1;
- break;
- }
- }
- return ret;
- }
- /* Print out string, with escaping for special characters, to BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] str ASN.1 STRING object.
- * @return Number of characters written to BIO on success.
- * @return -1 when writing to BIO fails.
- */
- static int wolfssl_asn1_string_print_esc_2253(WOLFSSL_BIO *bio,
- WOLFSSL_ASN1_STRING *str)
- {
- char* p;
- int str_len = 0;
- /* Write all of string character by character. */
- for (p = str->data; (*p) != '\0'; p++) {
- /* Check if character needs escaping. */
- if (wolfssl_check_esc_char(*p)){
- /* Update count of written characters. */
- str_len++;
- /* Write out escaping character. */
- if (wolfSSL_BIO_write(bio,"\\", 1) != 1) {
- str_len = WOLFSSL_FATAL_ERROR;
- break;
- }
- }
- /* Update count of written characters. */
- str_len++;
- /* Write out character. */
- if (wolfSSL_BIO_write(bio, p, 1) != 1) {
- str_len = WOLFSSL_FATAL_ERROR;
- break;
- }
- }
- return str_len;
- }
- /* Extended print ASN.1 STRING to BIO.
- *
- * @param [in] bio BIO to print to.
- * @param [in] str ASN.1 STRING to print.
- * @param [in] flags Flags describing output format.
- * @return Length of string written on success.
- * @return 0 when bio or str is NULL.
- * @return 0 when writing to BIO fails.
- */
- int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *bio, WOLFSSL_ASN1_STRING *str,
- unsigned long flags)
- {
- int err = 0;
- int str_len = -1;
- int type_len = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_STRING_PRINT_ex");
- /* Validate parameters. */
- if ((bio == NULL) || (str == NULL)) {
- err = 1;
- }
- /* Check if ASN.1 type is to be printed. */
- if ((!err) && (flags & WOLFSSL_ASN1_STRFLGS_SHOW_TYPE)) {
- /* Print type and colon to BIO. */
- type_len = wolfssl_string_print_type(bio, str);
- if (type_len == 0) {
- err = 1;
- }
- }
- if (!err) {
- if (flags & WOLFSSL_ASN1_STRFLGS_DUMP_ALL) {
- /* Dump hex. */
- str_len = wolfssl_asn1_string_dump_hex(bio, str,
- flags & WOLFSSL_ASN1_STRFLGS_DUMP_DER);
- }
- else if (flags & WOLFSSL_ASN1_STRFLGS_ESC_2253) {
- /* Print out string with escaping. */
- str_len = wolfssl_asn1_string_print_esc_2253(bio, str);
- }
- else {
- /* Get number of characters to write. */
- str_len = str->length;
- /* Print out string as is. */
- if (wolfSSL_BIO_write(bio, str->data, str_len) != str_len) {
- err = 1;
- }
- }
- }
- if ((!err) && (str_len != -1)) {
- /* Include any characters written for type. */
- str_len += type_len;
- }
- else {
- str_len = 0;
- }
- return str_len;
- }
- #endif /* !NO_BIO */
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_GENERALIZEDTIME APIs
- ******************************************************************************/
- #ifdef OPENSSL_EXTRA
- /* Free the static ASN.1 GENERALIZED TIME object.
- *
- * Not an OpenSSL compatibility API.
- *
- * @param [in] asn1Time ASN.1 GENERALIZED TIME object.
- */
- void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_TIME* asn1Time)
- {
- WOLFSSL_ENTER("wolfSSL_ASN1_GENERALIZEDTIME_free");
- XFREE(asn1Time, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- #ifndef NO_BIO
- /* Return the month as a string.
- *
- * Assumes n is '01'-'12'.
- *
- * @param [in] n The number of the month as a two characters (1 based).
- * @return Month as a string.
- */
- static WC_INLINE const char* MonthStr(const char* n)
- {
- static const char monthStr[12][4] = {
- "Jan", "Feb", "Mar", "Apr", "May", "Jun",
- "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
- const char* month = "BAD";
- int i;
- i = (n[0] - '0') * 10 + (n[1] - '0') - 1;
- /* Convert string to number and index table. */
- if ((i >= 0) && (i < 12)) {
- month = monthStr[i];
- }
- return month;
- }
- /* Print an ASN.1 GENERALIZED TIME to a BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] asnTime ASN.1 GENERALIZED TIME object.
- * @return 1 on success.
- * @return 0 when ASN.1 GENERALIZED TIME type is invalid.
- * @return 0 when writing to BIO fails.
- * @return BAD_FUNC_ARG when bio or asnTime is NULL.
- */
- int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio,
- const WOLFSSL_ASN1_GENERALIZEDTIME* asnTime)
- {
- int ret = 1;
- const char* p = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_GENERALIZEDTIME_print");
- /* Validate parameters. */
- if ((bio == NULL) || (asnTime == NULL)) {
- ret = BAD_FUNC_ARG;
- }
- /* Check type is GENERALIZED TIME. */
- if ((ret == 1) && (asnTime->type != WOLFSSL_V_ASN1_GENERALIZEDTIME)) {
- WOLFSSL_MSG("Error, not GENERALIZED_TIME");
- ret = 0;
- }
- if (ret == 1) {
- /* Get the string. */
- p = (const char *)(asnTime->data);
- /* Print month as a 3 letter string. */
- if (wolfSSL_BIO_write(bio, MonthStr(p + 4), 3) != 3) {
- ret = 0;
- }
- }
- /* Print space separator. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, " ", 1) != 1)) {
- ret = 0;
- }
- /* Print day. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p + 6, 2) != 2)) {
- ret = 0;
- }
- /* Print space separator. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, " ", 1) != 1)) {
- ret = 0;
- }
- /* Print hour. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p + 8, 2) != 2)) {
- ret = 0;
- }
- /* Print time separator - colon. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, ":", 1) != 1)) {
- ret = 0;
- }
- /* Print minutes. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p + 10, 2) != 2)) {
- ret = 0;
- }
- /* Print time separator - colon. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, ":", 1) != 1)) {
- ret = 0;
- }
- /* Print seconds. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p + 12, 2) != 2)) {
- ret = 0;
- }
- /* Print space separator. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, " ", 1) != 1)) {
- ret = 0;
- }
- /* Print year. */
- if ((ret == 1) && (wolfSSL_BIO_write(bio, p, 4) != 4)) {
- ret = 0;
- }
- return ret;
- }
- #endif /* !NO_BIO */
- #endif /* OPENSSL_EXTRA */
- /*******************************************************************************
- * ASN1_TIME APIs
- ******************************************************************************/
- #ifndef NO_ASN_TIME
- #ifdef OPENSSL_EXTRA
- /* Allocate a new ASN.1 TIME object.
- *
- * @return New empty ASN.1 TIME object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void)
- {
- WOLFSSL_ASN1_TIME* ret;
- /* Allocate a new ASN.1 TYPE object. */
- ret = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (ret != NULL) {
- /* Clear out fields. */
- XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TIME));
- }
- return ret;
- }
- /* Dispose of ASN.1 TIME object.
- *
- * @param [in, out] t ASN.1 TIME object.
- */
- void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t)
- {
- /* Dispose of ASN.1 TIME object. */
- XFREE(t, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- #ifndef NO_WOLFSSL_STUB
- /* Set the Unix time GMT into ASN.1 TIME object.
- *
- * Not implemented.
- *
- * @param [in, out] a ASN.1 TIME object.
- * @param [in] t Unix time GMT.
- * @return An ASN.1 TIME object.
- */
- WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *a, time_t t)
- {
- WOLFSSL_STUB("wolfSSL_ASN1_TIME_set");
- (void)a;
- (void)t;
- return a;
- }
- #endif /* !NO_WOLFSSL_STUB */
- /* Convert time to Unix time (GMT).
- *
- * @param [in] sec Second in minute. 0-59.
- * @param [in] minute Minute in hour. 0-59.
- * @param [in] hour Hour in day. 0-23.
- * @param [in] mday Day of month. 1-31.
- * @param [in] mon Month of year. 0-11
- * @param [in] year Year including century. ie: 1991, 2023, 2048.
- * @return Seconds since 00:00:00 01/01/1970 for the time passed in.
- */
- static long long wolfssl_time_to_unix_time(int sec, int minute, int hour,
- int mday, int mon, int year)
- {
- /* Number of cumulative days from the previous months, starting from
- * beginning of January. */
- static const int monthDaysCumulative [12] = {
- 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
- };
- int leapDays = year;
- /* Leap day at end of February. */
- if (mon <= 1) {
- --leapDays;
- }
- /* Calculate leap days. */
- leapDays = leapDays / 4 - leapDays / 100 + leapDays / 400 - 1969 / 4 +
- 1969 / 100 - 1969 / 400;
- /* Calculate number of seconds. */
- return ((((long long) (year - 1970) * 365 + leapDays +
- monthDaysCumulative[mon] + mday - 1) * 24 + hour) * 60 + minute) *
- 60 + sec;
- }
- /* Convert ASN.1 TIME object to Unix time (GMT).
- *
- * @param [in] t ASN.1 TIME object.
- * @param [out] secs Number of seconds since 00:00:00 01/01/1970.
- * @return 1 on success.
- * @return 0 when conversion of time fails.
- */
- static int wolfssl_asn1_time_to_secs(const WOLFSSL_ASN1_TIME* t,
- long long* secs)
- {
- int ret = 1;
- struct tm tm_s;
- struct tm *tmGmt = &tm_s;
- /* Convert ASN.1 TIME to broken-down time. NULL treated as current time. */
- ret = wolfSSL_ASN1_TIME_to_tm(t, tmGmt);
- if (ret != 1) {
- WOLFSSL_MSG("Failed to convert from time to struct tm.");
- }
- else {
- /* We use wolfssl_time_to_unix_time here instead of XMKTIME to avoid the
- * Year 2038 problem on platforms where time_t is 32 bits. struct tm
- * stores the year as years since 1900, so we add 1900 to the year. */
- *secs = wolfssl_time_to_unix_time(tmGmt->tm_sec, tmGmt->tm_min,
- tmGmt->tm_hour, tmGmt->tm_mday, tmGmt->tm_mon,
- tmGmt->tm_year + 1900);
- }
- return ret;
- }
- /* Calculate difference in time of two ASN.1 TIME objects.
- *
- * @param [out] days Number of whole days between from and to.
- * @param [out] secs Number of seconds less than a day between from and to.
- * @param [in] from ASN.1 TIME object as start time.
- * @param [in] to ASN.1 TIME object as end time.
- * @return 1 on success.
- * @return 0 when days or secs is NULL.
- * @return 0 when conversion of time fails.
- */
- int wolfSSL_ASN1_TIME_diff(int *days, int *secs, const WOLFSSL_ASN1_TIME *from,
- const WOLFSSL_ASN1_TIME *to)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_diff");
- /* Validate parameters. */
- if (days == NULL) {
- WOLFSSL_MSG("days is NULL");
- ret = 0;
- }
- if ((ret == 1) && (secs == NULL)) {
- WOLFSSL_MSG("secs is NULL");
- ret = 0;
- }
- if ((ret == 1) && ((from == NULL) && (to == NULL))) {
- *days = 0;
- *secs = 0;
- }
- else if (ret == 1) {
- const long long SECS_PER_DAY = 24 * 60 * 60;
- long long fromSecs;
- long long toSecs = 0;
- ret = wolfssl_asn1_time_to_secs(from, &fromSecs);
- if (ret == 1) {
- ret = wolfssl_asn1_time_to_secs(to, &toSecs);
- }
- if (ret == 1) {
- long long diffSecs = toSecs - fromSecs;
- *days = (int) (diffSecs / SECS_PER_DAY);
- *secs = (int) (diffSecs - ((long long)*days * SECS_PER_DAY));
- }
- }
- return ret;
- }
- /* Compare two ASN.1 TIME objects by comparing time value.
- *
- * @param [in] a First ASN.1 TIME object.
- * @param [in] b Second ASN.1 TIME object.
- * @return Negative value when a is less than b.
- * @return 0 when a equals b.
- * @return Positive value when a is greater than b.
- * @return -2 when a or b is invalid.
- */
- int wolfSSL_ASN1_TIME_compare(const WOLFSSL_ASN1_TIME *a,
- const WOLFSSL_ASN1_TIME *b)
- {
- int ret;
- int days;
- int secs;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_compare");
- /* Calculate difference in time between a and b. */
- if (wolfSSL_ASN1_TIME_diff(&days, &secs, a, b) != 1) {
- WOLFSSL_MSG("Failed to get time difference.");
- ret = -2;
- }
- else if (days == 0 && secs == 0) {
- /* a and b are the same time. */
- ret = 0;
- }
- else if (days >= 0 && secs >= 0) {
- /* a is before b. */
- ret = -1;
- }
- /* Assume wolfSSL_ASN1_TIME_diff creates coherent values. */
- else {
- ret = 1;
- }
- WOLFSSL_LEAVE("wolfSSL_ASN1_TIME_compare", ret);
- return ret;
- }
- #if !defined(USER_TIME) && !defined(TIME_OVERRIDES)
- /* Adjust the time into an ASN.1 TIME object.
- *
- * @param [in] a ASN.1 TIME object. May be NULL.
- * @param [in] t Time to offset.
- * @param [in] offset_day Number of days to offset. May be negative.
- * @param [in] offset_sec Number of seconds to offset. May be negative.
- * @return ASN.1 TIME object on success.
- * @return NULL when formatting time fails.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME* a, time_t t,
- int offset_day, long offset_sec)
- {
- WOLFSSL_ASN1_TIME* ret = NULL;
- const time_t sec_per_day = 24*60*60;
- int time_get;
- char time_str[MAX_TIME_STRING_SZ];
- time_t offset_day_sec = offset_day * sec_per_day;
- time_t t_adj = t + offset_day_sec + offset_sec;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_adj");
- /* Get time string as either UTC or GeneralizedTime. */
- time_get = GetFormattedTime(&t_adj, (byte*)time_str, MAX_TIME_STRING_SZ);
- if (time_get > 0) {
- ret = a;
- if (ret == NULL) {
- ret = wolfSSL_ASN1_TIME_new();
- }
- /* Set the string into the ASN.1 TIME object. */
- if ((wolfSSL_ASN1_TIME_set_string(ret, time_str) != 1) && (ret != a)) {
- wolfSSL_ASN1_TIME_free(ret);
- ret = NULL;
- }
- }
- return ret;
- }
- #endif /* !USER_TIME && !TIME_OVERRIDES */
- /* Get the length of the ASN.1 TIME data.
- *
- * Not an OpenSSL function - ASN1_TIME is not opaque.
- *
- * @param [in] t ASN.1 TIME object.
- * @return Length of data on success.
- * @return 0 when t is NULL or no time set.
- */
- int wolfSSL_ASN1_TIME_get_length(const WOLFSSL_ASN1_TIME *t)
- {
- int len = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_get_length");
- if (t != NULL) {
- len = t->length;
- }
- return len;
- }
- /* Get the data from the ASN.1 TIME object.
- *
- * Not an OpenSSL function - ASN1_TIME is not opaque.
- *
- * @param [in] t ASN.1 TIME object.
- * @return Data buffer on success.
- * @return NULL when t is NULL.
- */
- unsigned char* wolfSSL_ASN1_TIME_get_data(const WOLFSSL_ASN1_TIME *t)
- {
- unsigned char* data = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_get_data");
- if (t != NULL) {
- data = (unsigned char*)t->data;
- }
- return data;
- }
- /* Check format of string in ASN.1 TIME object.
- *
- * @param [in] a ASN.1 TIME object.
- * @return 1 on success.
- * @return 0 when format invalid.
- */
- int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
- {
- int ret = WOLFSSL_SUCCESS;
- char buf[MAX_TIME_STRING_SZ];
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_check");
- /* If can convert to human readable then format good. */
- if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)a, buf,
- MAX_TIME_STRING_SZ) == NULL) {
- ret = WOLFSSL_FAILURE;
- }
- return ret;
- }
- /* Set the time as a string into ASN.1 TIME object.
- *
- * When t is NULL, str is checked only.
- *
- * @param [in, out] t ASN.1 TIME object.
- * @param [in] str Time as a string.
- * @return 1 on success.
- * @return 0 when str is NULL.
- * @return 0 when str is not formatted correctly.
- */
- int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str)
- {
- int ret = WOLFSSL_SUCCESS;
- int slen = 0;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_set_string");
- if (str == NULL) {
- WOLFSSL_MSG("Bad parameter");
- ret = 0;
- }
- if (ret == WOLFSSL_SUCCESS) {
- /* Get length of string including NUL terminator. */
- slen = (int)XSTRLEN(str) + 1;
- if (slen > CTC_DATE_SIZE) {
- WOLFSSL_MSG("Date string too long");
- ret = WOLFSSL_FAILURE;
- }
- }
- if ((ret == WOLFSSL_SUCCESS) && (t != NULL)) {
- /* Copy in string including NUL terminator. */
- XMEMCPY(t->data, str, (size_t)slen);
- /* Do not include NUL terminator in length. */
- t->length = slen - 1;
- /* Set ASN.1 type based on string length. */
- t->type = ((slen == ASN_UTC_TIME_SIZE) ? WOLFSSL_V_ASN1_UTCTIME :
- WOLFSSL_V_ASN1_GENERALIZEDTIME);
- }
- return ret;
- }
- int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t, const char *str)
- {
- int ret = WOLFSSL_SUCCESS;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_set_string_X509");
- if (t == NULL)
- ret = WOLFSSL_FAILURE;
- if (ret == WOLFSSL_SUCCESS)
- ret = wolfSSL_ASN1_TIME_set_string(t, str);
- if (ret == WOLFSSL_SUCCESS)
- ret = wolfSSL_ASN1_TIME_check(t);
- return ret;
- }
- /* Convert ASN.1 TIME object to ASN.1 GENERALIZED TIME object.
- *
- * @param [in] t ASN.1 TIME object.
- * @param [in, out] out ASN.1 GENERALIZED TIME object.
- * @return ASN.1 GENERALIZED TIME object on success.
- * @return NULL when t is NULL or t has wrong ASN.1 type.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
- WOLFSSL_ASN1_TIME **out)
- {
- WOLFSSL_ASN1_TIME *ret = NULL;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_generalizedtime");
- /* Validate parameters. */
- if (t == NULL) {
- WOLFSSL_MSG("Invalid ASN_TIME value");
- }
- /* Ensure ASN.1 type is one that is supported. */
- else if ((t->type != WOLFSSL_V_ASN1_UTCTIME) &&
- (t->type != WOLFSSL_V_ASN1_GENERALIZEDTIME)) {
- WOLFSSL_MSG("Invalid ASN_TIME type.");
- }
- /* Check for ASN.1 GENERALIZED TIME object being passed in. */
- else if ((out != NULL) && (*out != NULL)) {
- /* Copy into the passed in object. */
- ret = *out;
- }
- else {
- /* Create a new ASN.1 GENERALIZED TIME object. */
- ret = wolfSSL_ASN1_TIME_new();
- if (ret == NULL) {
- WOLFSSL_MSG("memory alloc failed.");
- }
- }
- if (ret != NULL) {
- /* Set the ASN.1 type and length of string. */
- ret->type = WOLFSSL_V_ASN1_GENERALIZEDTIME;
- if (t->type == WOLFSSL_V_ASN1_GENERALIZEDTIME) {
- ret->length = ASN_GENERALIZED_TIME_SIZE;
- /* Just copy as data already appropriately formatted. */
- XMEMCPY(ret->data, t->data, ASN_GENERALIZED_TIME_SIZE);
- }
- else {
- /* Convert UTC TIME to GENERALIZED TIME. */
- ret->length = t->length + 2; /* Add two extra year digits */
- if (t->data[0] >= '5') {
- /* >= 50 is 1900s. */
- ret->data[0] = '1'; ret->data[1] = '9';
- }
- else {
- /* < 50 is 2000s. */
- ret->data[0] = '2'; ret->data[1] = '0';
- }
- /* Append rest of the data as it is the same. */
- XMEMCPY(&ret->data[2], t->data, t->length);
- }
- /* Check for pointer to return result through. */
- if (out != NULL) {
- *out = ret;
- }
- }
- return ret;
- }
- #if !defined(USER_TIME) && !defined(TIME_OVERRIDES)
- WOLFSSL_ASN1_TIME* wolfSSL_ASN1_UTCTIME_set(WOLFSSL_ASN1_TIME *s, time_t t)
- {
- WOLFSSL_ASN1_TIME* ret = s;
- WOLFSSL_ENTER("wolfSSL_ASN1_UTCTIME_set");
- if (ret == NULL) {
- ret = wolfSSL_ASN1_TIME_new();
- if (ret == NULL)
- return NULL;
- }
- ret->length = GetFormattedTime(&t, ret->data, sizeof(ret->data));
- if (ret->length + 1 != ASN_UTC_TIME_SIZE) {
- /* Either snprintf error or t can't be represented in UTC format */
- if (ret != s)
- wolfSSL_ASN1_TIME_free(ret);
- ret = NULL;
- }
- else {
- ret->type = WOLFSSL_V_ASN1_UTCTIME;
- }
- return ret;
- }
- #endif /* !USER_TIME && !TIME_OVERRIDES */
- #endif /* OPENSSL_EXTRA */
- #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA)
- /* Get string from ASN.1 TIME object.
- *
- * Not an OpenSSL compatibility API.
- *
- * @param [in] t ASN.1 TIME object.
- * @param [in, out] buf Buffer to put string in.
- * @param [in] len Length of buffer in bytes.
- * @return buf on success.
- * @return NULL when t or buf is NULL, or len is less than 5.
- * @return NULL when ASN.1 TIME length is larger than len.
- * @return NULL when internal time format not valid.
- */
- char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len)
- {
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_string");
- /* Validate parameters. */
- if ((t == NULL) || (buf == NULL) || (len < 5)) {
- WOLFSSL_MSG("Bad argument");
- buf = NULL;
- }
- /* Check internal length against passed in length. */
- if ((buf != NULL) && (t->length > len)) {
- WOLFSSL_MSG("Length of date is longer then buffer");
- buf = NULL;
- }
- /* Get time as human readable string. */
- if ((buf != NULL) && !GetTimeString(t->data, t->type, buf, len)) {
- buf = NULL;
- }
- return buf;
- }
- /* Number of characters in a UTC TIME string. */
- #define UTCTIME_LEN 13
- /* Get year from UTC TIME string.
- *
- * @param [in] str UTC TIME string.
- * @param [in] len Length of string in bytes.
- * @param [out] year Year as extracted from string.
- * @return 1 on success.
- * @return 0 when length is too short for a UTC TIME.
- * @return 0 when not ZULU time.
- */
- static int wolfssl_utctime_year(const unsigned char* str, int len, int* year)
- {
- int ret = 1;
- /* Check minimal length for UTC TIME. */
- if (len < UTCTIME_LEN) {
- WOLFSSL_MSG("WOLFSSL_ASN1_TIME buffer length is invalid.");
- ret = 0;
- }
- /* Only support ZULU time. */
- if ((ret == 1) && (str[UTCTIME_LEN - 1] != 'Z')) {
- WOLFSSL_MSG("Expecting UTC time.");
- ret = 0;
- }
- if (ret == 1) {
- int tm_year;
- /* 2-digit year. */
- tm_year = (str[0] - '0') * 10;
- tm_year += str[1] - '0';
- /* Check for year being in the 2000s. */
- if (tm_year < 50) {
- tm_year += 100;
- }
- *year = tm_year;
- }
- return ret;
- }
- /* Number of characters in a GENERALIZED TIME string. */
- #define GENTIME_LEN 15
- /* Get year from GENERALIZED TIME string.
- *
- * @param [in] str GENERALIZED TIME string.
- * @param [in] len Length of string in bytes.
- * @param [out] year Year as extracted from string.
- * @return 1 on success.
- * @return 0 when length is too short for a GENERALIZED TIME.
- * @return 0 when not ZULU time.
- */
- static int wolfssl_gentime_year(const unsigned char* str, int len, int* year)
- {
- int ret = 1;
- /* Check minimal length for GENERALIZED TIME. */
- if (len < GENTIME_LEN) {
- WOLFSSL_MSG("WOLFSSL_ASN1_TIME buffer length is invalid.");
- ret = 0;
- }
- if ((ret == 1) && (str[GENTIME_LEN - 1] != 'Z')) {
- WOLFSSL_MSG("Expecting Generalized time.");
- ret = 0;
- }
- if (ret == 1) {
- int tm_year;
- /* 4-digit year. */
- tm_year = (str[0] - '0') * 1000;
- tm_year += (str[1] - '0') * 100;
- tm_year += (str[2] - '0') * 10;
- tm_year += str[3] - '0';
- /* Only need value to be years since 1900. */
- tm_year -= 1900;
- *year = tm_year;
- }
- return ret;
- }
- /* Convert an ASN.1 TIME to a struct tm.
- *
- * @param [in] asnTime ASN.1 TIME object.
- * @param [in] tm Broken-down time. Must be non-NULL.
- * @return 1 on success.
- * @return 0 when string format is invalid.
- */
- static int wolfssl_asn1_time_to_tm(const WOLFSSL_ASN1_TIME* asnTime,
- struct tm* tm)
- {
- int ret = 1;
- const unsigned char* asn1TimeBuf;
- int asn1TimeBufLen;
- int i = 0;
- #ifdef XMKTIME
- struct tm localTm;
- XMEMSET(&localTm, 0, sizeof localTm);
- #endif
- /* Get the string buffer - fixed array, can't fail. */
- asn1TimeBuf = wolfSSL_ASN1_TIME_get_data(asnTime);
- /* Get the length of the string. */
- asn1TimeBufLen = wolfSSL_ASN1_TIME_get_length(asnTime);
- if (asn1TimeBufLen <= 0) {
- WOLFSSL_MSG("Failed to get WOLFSSL_ASN1_TIME buffer length.");
- ret = 0;
- }
- if (ret == 1) {
- /* Zero out values in broken-down time. */
- XMEMSET(tm, 0, sizeof(struct tm));
- if (asnTime->type == WOLFSSL_V_ASN1_UTCTIME) {
- /* Get year from UTC TIME string. */
- int tm_year;
- if ((ret = wolfssl_utctime_year(asn1TimeBuf, asn1TimeBufLen,
- &tm_year)) == 1) {
- tm->tm_year = tm_year;
- /* Month starts after year - 2 characters. */
- i = 2;
- }
- }
- else if (asnTime->type == WOLFSSL_V_ASN1_GENERALIZEDTIME) {
- /* Get year from GENERALIZED TIME string. */
- int tm_year;
- if ((ret = wolfssl_gentime_year(asn1TimeBuf, asn1TimeBufLen,
- &tm_year)) == 1) {
- tm->tm_year = tm_year;
- /* Month starts after year - 4 characters. */
- i = 4;
- }
- }
- else {
- /* No other time formats known. */
- WOLFSSL_MSG("asnTime->type is invalid.");
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Fill in rest of broken-down time from string. */
- /* January is 0 not 1 */
- tm->tm_mon = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_mon += (asn1TimeBuf[i] - '0') - 1; i++;
- tm->tm_mday = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_mday += (asn1TimeBuf[i] - '0'); i++;
- tm->tm_hour = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_hour += (asn1TimeBuf[i] - '0'); i++;
- tm->tm_min = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_min += (asn1TimeBuf[i] - '0'); i++;
- tm->tm_sec = (asn1TimeBuf[i] - '0') * 10; i++;
- tm->tm_sec += (asn1TimeBuf[i] - '0');
- #ifdef XMKTIME
- XMEMCPY(&localTm, tm, sizeof(struct tm));
- /* Call XMKTIME on tm to get tm_wday and tm_yday fields populated.
- Note that localTm is used here to avoid modifying other fields,
- such as tm_isdst/tm_gmtoff. */
- XMKTIME(&localTm);
- tm->tm_wday = localTm.tm_wday;
- tm->tm_yday = localTm.tm_yday;
- #endif
- }
- return ret;
- }
- /* Get the current time into a broken-down time.
- *
- * @param [out] tm Broken-time time.
- * @return 1 on success.
- * @return 0 when tm is NULL.
- * @return 0 when get current time fails.
- * @return 0 when converting Unix time to broken-down time fails.
- */
- static int wolfssl_get_current_time_tm(struct tm* tm)
- {
- int ret = 1;
- time_t currentTime;
- struct tm *tmpTs;
- #if defined(NEED_TMP_TIME)
- /* for use with gmtime_r */
- struct tm tmpTimeStorage;
- tmpTs = &tmpTimeStorage;
- #else
- tmpTs = NULL;
- #endif
- (void)tmpTs;
- /* Must have a pointer to return result into. */
- if (tm == NULL) {
- WOLFSSL_MSG("asnTime and tm are both NULL");
- ret = 0;
- }
- if (ret == 1) {
- /* Get current Unix Time GMT. */
- currentTime = wc_Time(0);
- if (currentTime <= 0) {
- WOLFSSL_MSG("Failed to get current time.");
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Convert Unix Time GMT into broken-down time. */
- tmpTs = XGMTIME(¤tTime, tmpTs);
- if (tmpTs == NULL) {
- WOLFSSL_MSG("Failed to convert current time to UTC.");
- ret = 0;
- }
- }
- if (ret == 1) {
- /* Copy from the structure returned into parameter. */
- XMEMCPY(tm, tmpTs, sizeof(*tm));
- }
- return ret;
- }
- /* Convert ASN.1 TIME object's time into broken-down representation.
- *
- * Internal time string is checked when tm is NULL.
- *
- * @param [in] asnTime ASN.1 TIME object.
- * @param [out] tm Broken-down time.
- * @return 1 on success.
- * @return 0 when asnTime is NULL and tm is NULL.
- * @return 0 getting current time fails.
- * @return 0 when internal time string is invalid.
- */
- int wolfSSL_ASN1_TIME_to_tm(const WOLFSSL_ASN1_TIME* asnTime, struct tm* tm)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_tm");
- /* If asnTime is NULL, then the current time is converted. */
- if (asnTime == NULL) {
- ret = wolfssl_get_current_time_tm(tm);
- }
- /* If tm is NULL this function performs a format check on asnTime only. */
- else if (tm == NULL) {
- ret = wolfSSL_ASN1_TIME_check(asnTime);
- }
- else {
- /* Convert ASN.1 TIME to broken-down time. */
- ret = wolfssl_asn1_time_to_tm(asnTime, tm);
- }
- return ret;
- }
- #ifndef NO_BIO
- /* Print the ASN.1 TIME object as a string to BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] asnTime ASN.1 TIME object.
- * @return 1 on success.
- * @return 0 when bio or asnTime is NULL.
- * @return 0 when creating human readable string fails.
- * @return 0 when writing to BIO fails.
- */
- int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_TIME_print");
- /* Validate parameters. */
- if ((bio == NULL) || (asnTime == NULL)) {
- WOLFSSL_MSG("NULL function argument");
- ret = 0;
- }
- if (ret == 1) {
- char buf[MAX_TIME_STRING_SZ];
- int len;
- /* Create human readable string. */
- if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)asnTime, buf,
- sizeof(buf)) == NULL) {
- /* Write out something anyway but return error. */
- XMEMSET(buf, 0, MAX_TIME_STRING_SZ);
- XSTRNCPY(buf, "Bad time value", sizeof(buf)-1);
- ret = 0;
- }
- /* Write out string. */
- len = (int)XSTRLEN(buf);
- if (wolfSSL_BIO_write(bio, buf, len) != len) {
- WOLFSSL_MSG("Unable to write to bio");
- ret = 0;
- }
- }
- return ret;
- }
- #endif /* !NO_BIO */
- #endif /* WOLFSSL_MYSQL_COMPATIBLE || OPENSSL_EXTRA */
- #ifdef OPENSSL_EXTRA
- #ifndef NO_BIO
- /* Print the ASN.1 UTC TIME object as a string to BIO.
- *
- * @param [in] bio BIO to write to.
- * @param [in] asnTime ASN.1 UTC TIME object.
- * @return 1 on success.
- * @return 0 when bio or asnTime is NULL.
- * @return 0 when ASN.1 type is not UTC TIME.
- * @return 0 when creating human readable string fails.
- * @return 0 when writing to BIO fails.
- */
- int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
- {
- int ret = 1;
- WOLFSSL_ENTER("wolfSSL_ASN1_UTCTIME_print");
- /* Validate parameters. */
- if ((bio == NULL) || (a == NULL)) {
- ret = 0;
- }
- /* Validate ASN.1 UTC TIME object is of type UTC_TIME. */
- if ((ret == 1) && (a->type != WOLFSSL_V_ASN1_UTCTIME)) {
- WOLFSSL_MSG("Error, not UTC_TIME");
- ret = 0;
- }
- if (ret == 1) {
- /* Use generic time printing function to do work. */
- ret = wolfSSL_ASN1_TIME_print(bio, a);
- }
- return ret;
- }
- #endif /* !NO_BIO */
- #endif /* OPENSSL_EXTRA */
- #endif /* !NO_ASN_TIME */
- /*******************************************************************************
- * ASN1_TYPE APIs
- ******************************************************************************/
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /**
- * Allocate a new ASN.1 TYPE object.
- *
- * @return New empty ASN.1 TYPE object on success.
- * @return NULL when dynamic memory allocation fails.
- */
- WOLFSSL_ASN1_TYPE* wolfSSL_ASN1_TYPE_new(void)
- {
- WOLFSSL_ASN1_TYPE* ret;
- /* Allocate a new ASN.1 TYPE object. */
- ret = (WOLFSSL_ASN1_TYPE*)XMALLOC(sizeof(WOLFSSL_ASN1_TYPE), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (ret != NULL) {
- /* Clear out fields. */
- XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TYPE));
- }
- return ret;
- }
- /* Free the ASN.1 TYPE object's value field.
- *
- * @param [in, out] at ASN.1 TYPE object.
- */
- static void wolfssl_asn1_type_free_value(WOLFSSL_ASN1_TYPE* at)
- {
- switch (at->type) {
- case WOLFSSL_V_ASN1_NULL:
- break;
- case WOLFSSL_V_ASN1_OBJECT:
- wolfSSL_ASN1_OBJECT_free(at->value.object);
- break;
- case WOLFSSL_V_ASN1_UTCTIME:
- #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
- wolfSSL_ASN1_TIME_free(at->value.utctime);
- #endif
- break;
- case WOLFSSL_V_ASN1_GENERALIZEDTIME:
- #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
- wolfSSL_ASN1_TIME_free(at->value.generalizedtime);
- #endif
- break;
- case WOLFSSL_V_ASN1_UTF8STRING:
- case WOLFSSL_V_ASN1_OCTET_STRING:
- case WOLFSSL_V_ASN1_PRINTABLESTRING:
- case WOLFSSL_V_ASN1_T61STRING:
- case WOLFSSL_V_ASN1_IA5STRING:
- case WOLFSSL_V_ASN1_UNIVERSALSTRING:
- case WOLFSSL_V_ASN1_SEQUENCE:
- wolfSSL_ASN1_STRING_free(at->value.asn1_string);
- break;
- default:
- break;
- }
- }
- /**
- * Free ASN.1 TYPE object and its value.
- *
- * @param [in, out] at ASN.1 TYPE object.
- */
- void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at)
- {
- if (at != NULL) {
- /* Dispose of value in ASN.1 TYPE object. */
- wolfssl_asn1_type_free_value(at);
- }
- /* Dispose of ASN.1 TYPE object. */
- XFREE(at, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- int wolfSSL_i2d_ASN1_TYPE(WOLFSSL_ASN1_TYPE* at, unsigned char** pp)
- {
- int ret = WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR);
- if (at == NULL)
- return WOLFSSL_FATAL_ERROR;
- switch (at->type) {
- case WOLFSSL_V_ASN1_NULL:
- break;
- case WOLFSSL_V_ASN1_OBJECT:
- ret = wolfSSL_i2d_ASN1_OBJECT(at->value.object, pp);
- break;
- case WOLFSSL_V_ASN1_UTF8STRING:
- ret = wolfSSL_i2d_ASN1_UTF8STRING(at->value.utf8string, pp);
- break;
- case WOLFSSL_V_ASN1_GENERALIZEDTIME:
- ret = wolfSSL_i2d_ASN1_GENERALSTRING(at->value.utf8string, pp);
- break;
- case WOLFSSL_V_ASN1_SEQUENCE:
- ret = wolfSSL_i2d_ASN1_SEQUENCE(at->value.sequence, pp);
- break;
- case WOLFSSL_V_ASN1_UTCTIME:
- case WOLFSSL_V_ASN1_PRINTABLESTRING:
- case WOLFSSL_V_ASN1_T61STRING:
- case WOLFSSL_V_ASN1_IA5STRING:
- case WOLFSSL_V_ASN1_UNIVERSALSTRING:
- default:
- WOLFSSL_MSG("asn1 i2d type not supported");
- break;
- }
- return ret;
- }
- #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
- #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS) || \
- defined(WOLFSSL_WPAS_SMALL)
- /**
- * Set ASN.1 TYPE object with a type and value.
- *
- * Type of value for different types:
- * WOLFSSL_V_ASN1_NULL : Value should be NULL.
- * WOLFSSL_V_ASN1_OBJECT : WOLFSSL_ASN1_OBJECT.
- * WOLFSSL_V_ASN1_UTCTIME : WOLFSSL_ASN1_TIME.
- * WOLFSSL_V_ASN1_GENERALIZEDTIME : WOLFSSL_ASN1_TIME.
- * WOLFSSL_V_ASN1_UTF8STRING : WOLFSSL_ASN1_STRING.
- * WOLFSSL_V_ASN1_PRINTABLESTRING : WOLFSSL_ASN1_STRING.
- * WOLFSSL_V_ASN1_T61STRING : WOLFSSL_ASN1_STRING.
- * WOLFSSL_V_ASN1_IA5STRING : WOLFSSL_ASN1_STRING.
- * WOLFSSL_V_ASN1_UNINVERSALSTRING: WOLFSSL_ASN1_STRING.
- * WOLFSSL_V_ASN1_SEQUENCE : WOLFSSL_ASN1_STRING.
- *
- * @param [in, out] a ASN.1 TYPE object to set.
- * @param [in] type ASN.1 type of value.
- * @param [in] value Value to store.
- */
- void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value)
- {
- if (a != NULL) {
- switch (type) {
- case WOLFSSL_V_ASN1_NULL:
- if (value != NULL) {
- WOLFSSL_MSG("NULL tag meant to be always empty!");
- /* No way to return error - value will not be used. */
- }
- FALL_THROUGH;
- case WOLFSSL_V_ASN1_OBJECT:
- case WOLFSSL_V_ASN1_UTCTIME:
- case WOLFSSL_V_ASN1_GENERALIZEDTIME:
- case WOLFSSL_V_ASN1_UTF8STRING:
- case WOLFSSL_V_ASN1_OCTET_STRING:
- case WOLFSSL_V_ASN1_PRINTABLESTRING:
- case WOLFSSL_V_ASN1_T61STRING:
- case WOLFSSL_V_ASN1_IA5STRING:
- case WOLFSSL_V_ASN1_UNIVERSALSTRING:
- case WOLFSSL_V_ASN1_SEQUENCE:
- /* Dispose of any value currently set. */
- wolfssl_asn1_type_free_value(a);
- /* Assign anonymously typed input to anonymously typed field. */
- a->value.ptr = (char *)value;
- /* Set the type required. */
- a->type = type;
- break;
- default:
- WOLFSSL_MSG("Unknown or unsupported ASN1_TYPE");
- /* No way to return error. */
- }
- }
- }
- int wolfSSL_ASN1_TYPE_get(const WOLFSSL_ASN1_TYPE *a)
- {
- if (a != NULL && (a->type == WOLFSSL_V_ASN1_BOOLEAN || a->type == WOLFSSL_V_ASN1_NULL
- || a->value.ptr != NULL))
- return a->type;
- return 0;
- }
- #endif /* OPENSSL_ALL || OPENSSL_EXTRA || WOLFSSL_WPAS */
- #endif /* !NO_ASN */
- #endif /* !WOLFSSL_SSL_ASN1_INCLUDED */
|