asn1.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496
  1. /* asn1.c
  2. *
  3. * Copyright (C) 2006-2023 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. #ifdef HAVE_CONFIG_H
  22. #include <config.h>
  23. #endif
  24. #ifndef WOLFSSL_USER_SETTINGS
  25. #include <wolfssl/options.h>
  26. #endif
  27. #include <wolfssl/wolfcrypt/settings.h>
  28. #include <wolfssl/wolfcrypt/asn_public.h>
  29. #include <wolfssl/wolfcrypt/coding.h>
  30. #include <wolfssl/wolfcrypt/error-crypt.h>
  31. #include <stdio.h>
  32. #if defined(WOLFSSL_ASN_PRINT) && !defined(NO_FILESYSTEM)
  33. /* Increment allocated data by this much. */
  34. #define DATA_INC_LEN 256
  35. /* File format is DER/BER. */
  36. #define FORMAT_DER 0
  37. /* File format is BASE64. */
  38. #define FORMAT_BASE64 1
  39. /* File format is PEM. */
  40. #define FORMAT_PEM 2
  41. /* ASN.1 print options. */
  42. static Asn1PrintOptions opts;
  43. /* ASN.1 parsing state. */
  44. static Asn1 asn1;
  45. /* Read the contents of a file into a dynamically allocated buffer.
  46. *
  47. * Uses realloc as input may be stdin.
  48. *
  49. * @param [in] fp File pointer to read from.
  50. * @param [out] pdata Pointer to data.
  51. * @param [out] plen Pointer to length.
  52. * @return 0 on success.
  53. * @return 1 on failure.
  54. */
  55. static int asn1App_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
  56. {
  57. int ret = 0;
  58. word32 len = 0;
  59. size_t read_len;
  60. /* Allocate a minimum amount. */
  61. unsigned char* data = (unsigned char*)malloc(DATA_INC_LEN);
  62. if (data != NULL) {
  63. /* Read more data. */
  64. while ((read_len = fread(data + len, 1, DATA_INC_LEN, fp)) != 0) {
  65. unsigned char* p;
  66. /* Add read data amount to length. */
  67. len += (word32)read_len;
  68. /* Stop if we are at end-of-file. */
  69. if (feof(fp)) {
  70. break;
  71. }
  72. /* Make space for more data to be added to buffer. */
  73. p = (unsigned char*)realloc(data, len + DATA_INC_LEN);
  74. if (p == NULL) {
  75. /* Reallocation failed - free current buffer. */
  76. free(data);
  77. data = NULL;
  78. break;
  79. }
  80. /* Set data to new pointer. */
  81. data = p;
  82. }
  83. }
  84. if (data != NULL) {
  85. /* Return data and length. */
  86. *pdata = data;
  87. *plen = len;
  88. }
  89. else {
  90. /* Failed to allocate data. */
  91. ret = MEMORY_E;
  92. }
  93. return ret;
  94. }
  95. /* Print ASN.1 of a file containing BER/DER data.
  96. *
  97. * @param [in] fp File pointer to read from.
  98. * @return 0 on success.
  99. * @return 1 on failure.
  100. */
  101. static int PrintDer(FILE* fp)
  102. {
  103. int ret = 0;
  104. word32 len = 0;
  105. unsigned char* data = NULL;
  106. /* Load DER/BER file. */
  107. if (asn1App_ReadFile(fp, &data, &len) != 0) {
  108. ret = 1;
  109. }
  110. if ((ret == 0) && (data != NULL)) {
  111. /* Print DER/BER. */
  112. ret = wc_Asn1_PrintAll(&asn1, &opts, data, len);
  113. /* Dispose of buffer. */
  114. free(data);
  115. }
  116. return ret;
  117. }
  118. /* Print ASN.1 of a file containing Base64 encoding of BER/DER data.
  119. *
  120. * @param [in] fp File pointer to read from.
  121. * @return 0 on success.
  122. * @return 1 on failure.
  123. */
  124. static int PrintBase64(FILE* fp)
  125. {
  126. int ret = 0;
  127. word32 len = 0;
  128. unsigned char* data = NULL;
  129. /* Load Base64 encoded file. */
  130. if (asn1App_ReadFile(fp, &data, &len) != 0) {
  131. ret = 1;
  132. }
  133. if ((ret == 0) && (data != NULL)) {
  134. /* Decode Base64. */
  135. if (Base64_Decode(data, len, data, &len) != 0) {
  136. fprintf(stderr, "Invalid Base64 encoding\n");
  137. ret = 1;
  138. }
  139. if (ret == 0) {
  140. /* Print DER/BER. */
  141. ret = wc_Asn1_PrintAll(&asn1, &opts, data, len);
  142. }
  143. /* Dispose of buffer. */
  144. free(data);
  145. }
  146. return ret;
  147. }
  148. /* Find the next PEM block.
  149. *
  150. * @param [in] data PEM data.
  151. * @param [in] offset Offset into data to start looking.
  152. * @param [in] len Length of PEM data.
  153. * @param [out] start Start of Base64 encoding.
  154. * @param [out] end End of Base64 encoding.
  155. */
  156. static int FindPem(unsigned char* data, word32 offset, word32 len,
  157. word32* start, word32* end)
  158. {
  159. int ret = 0;
  160. word32 i = 0;
  161. word32 j = 0;
  162. /* Find header. */
  163. for (i = offset; i < len; i++) {
  164. if ((data[i] == '-') &&
  165. (strncmp((char*)data + i, "-----BEGIN", 10) == 0)) {
  166. break;
  167. }
  168. }
  169. if (i == len) {
  170. /* Got to end without finding PEM header. */
  171. fprintf(stderr, "No PEM header found\n");
  172. ret = 1;
  173. }
  174. if (ret == 0) {
  175. /* Confirm header. */
  176. for (i += 10; i < len; i++) {
  177. if ((data[i] == '-') &&
  178. (strncmp((char*)data + i, "-----", 5) == 0)) {
  179. break;
  180. }
  181. }
  182. if (i == len) {
  183. /* Got to end without finding rest of PEM header. */
  184. fprintf(stderr, "Invalid PEM header\n");
  185. ret = 1;
  186. }
  187. }
  188. if (ret == 0) {
  189. /* Find footer. */
  190. i += 6;
  191. for (j = i + 1; j < len; j++) {
  192. if ((data[j] == '-') &&
  193. (strncmp((char*)data + j, "-----END", 8) == 0)) {
  194. break;
  195. }
  196. }
  197. if (j == len) {
  198. /* Got to end without finding PEM footer. */
  199. fprintf(stderr, "No PEM footer found\n");
  200. ret = 1;
  201. }
  202. }
  203. if (ret == 0) {
  204. /* Return start and end indices. */
  205. *start = i;
  206. *end = j;
  207. }
  208. return ret;
  209. }
  210. /* Print ASN.1 of file containing PEM.
  211. *
  212. * Only one block is printed.
  213. *
  214. * @param [in] fp File pointer to read from.
  215. * @param [in] pem_skip Number of PEM blocks to skip.
  216. * @return 0 on success.
  217. * @return 1 on failure.
  218. */
  219. static int PrintPem(FILE* fp, int pem_skip)
  220. {
  221. int ret = 0;
  222. unsigned char* data = NULL;
  223. word32 len = 0;
  224. /* Load PEM file. */
  225. if (asn1App_ReadFile(fp, &data, &len) != 0) {
  226. ret = 1;
  227. }
  228. if ((ret == 0) && (data != NULL)) {
  229. word32 i = 0;
  230. word32 j = 0;
  231. /* Find PEM blocks and skip number requested. */
  232. do {
  233. /* Find start and end of PEM Base64 data. */
  234. ret = FindPem(data, j, len, &i, &j);
  235. } while ((ret == 0) && ((pem_skip--) != 0));
  236. /* Decode data between header and footer. */
  237. if ((ret == 0) && (Base64_Decode(data + i, j - i, data, &len) != 0)) {
  238. fprintf(stderr, "Invalid Base64 encoding\n");
  239. ret = 1;
  240. }
  241. if (ret == 0) {
  242. /* Print DER/BER. */
  243. ret = wc_Asn1_PrintAll(&asn1, &opts, data, len);
  244. }
  245. /* Dispose of buffer. */
  246. free(data);
  247. }
  248. return ret;
  249. }
  250. /* Usage lines to show. */
  251. const char* usage[] = {
  252. "asn1 [OPTION]... [FILE]",
  253. "Display a human-readable version of a DER/BER encoding.",
  254. "",
  255. "Options:",
  256. " -?, --help display this help and exit",
  257. " -b, --branch draw branches before tag name",
  258. " -B, --base64 file contents are Base64 encoded",
  259. " -d, --dump show all ASN.1 item data as a hex dump",
  260. " -h, --headers show all ASN.1 item headers as a hex dump",
  261. " -i, --indent indent tag name with depth",
  262. " -l, --length LEN display length bytes of data",
  263. " -n, --no-text do not show data as text",
  264. " -N, --no-dump-text do not show data as a hex dump text",
  265. " -o, --offset OFFSET start decoding from offset",
  266. " -O, --oid show wolfSSL OID value in text",
  267. " -p, --pem file contents are PEM",
  268. " -s, --skip-pem NUM number of PEM blocks to skip",
  269. };
  270. /* Number of usage lines. */
  271. #define USAGE_SZ ((int)(sizeof(usage) / sizeof(*usage)))
  272. /* Print out usage lines.
  273. */
  274. static void Usage(void)
  275. {
  276. int i;
  277. for (i = 0; i < USAGE_SZ; i++) {
  278. printf("%s\n", usage[i]);
  279. }
  280. }
  281. /* Main entry of ASN.1 printing program.
  282. *
  283. * @param [in] argc Count of command line arguments.
  284. * @param [in] argv Command line arguments.
  285. * @return 0 on success.
  286. * @return 1 on failure.
  287. */
  288. int main(int argc, char* argv[])
  289. {
  290. int ret = 0;
  291. /* Default to reading STDIN. */
  292. FILE* fp = stdin;
  293. int file_format = FORMAT_DER;
  294. word32 indent = 0;
  295. int pem_skip = 0;
  296. /* Reset options. */
  297. (void)wc_Asn1PrintOptions_Init(&opts);
  298. /* Skip over program name. */
  299. argc--;
  300. argv++;
  301. while (argc > 0) {
  302. /* Show branches instead of indenting. */
  303. if ((strcmp(argv[0], "-b") == 0) ||
  304. (strcmp(argv[0], "--branch") == 0)) {
  305. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_DRAW_BRANCH, 1);
  306. }
  307. /* File is Base64 encoded data. */
  308. else if ((strcmp(argv[0], "-b64") == 0) ||
  309. (strcmp(argv[0], "--base64") == 0)) {
  310. file_format = FORMAT_BASE64;
  311. }
  312. /* Dump all ASN.1 item data. */
  313. else if ((strcmp(argv[0], "-d") == 0) ||
  314. (strcmp(argv[0], "--dump") == 0)) {
  315. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_DATA, 1);
  316. }
  317. /* Dump ASN.1 item headers. */
  318. else if ((strcmp(argv[0], "-h") == 0) ||
  319. (strcmp(argv[0], "--headers") == 0)) {
  320. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_HEADER_DATA, 1);
  321. }
  322. /* Indent to text to indicate depth. */
  323. else if ((strcmp(argv[0], "-i") == 0) ||
  324. (strcmp(argv[0], "--indent") == 0)) {
  325. indent++;
  326. if (indent > 15) {
  327. }
  328. }
  329. /* Only parse the specified length of DER/BER data. */
  330. else if ((strcmp(argv[0], "-l") == 0) ||
  331. (strcmp(argv[0], "--length") == 0)) {
  332. if (argc == 1) {
  333. printf("Missing length value\n");
  334. return 1;
  335. }
  336. argc--;
  337. argv++;
  338. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_LENGTH,
  339. (word32)atoi(argv[0]));
  340. }
  341. /* Do not show text representations of ASN.1 item data. */
  342. else if ((strcmp(argv[0], "-n") == 0) ||
  343. (strcmp(argv[0], "--no-text") == 0)) {
  344. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_NO_TEXT, 1);
  345. }
  346. /* Do not show hex dump text representations of ASN.1 item data. */
  347. else if ((strcmp(argv[0], "-N") == 0) ||
  348. (strcmp(argv[0], "--no-dump-text") == 0)) {
  349. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_NO_DUMP_TEXT, 1);
  350. }
  351. /* Offset into DER/BER to start decoding from. */
  352. else if ((strcmp(argv[0], "-o") == 0) ||
  353. (strcmp(argv[0], "--offset") == 0)) {
  354. if (argc == 1) {
  355. fprintf(stderr, "Missing offset value\n");
  356. return 1;
  357. }
  358. argc--;
  359. argv++;
  360. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_OFFSET,
  361. (word32)atoi(argv[0]));
  362. }
  363. /* Show wolfSSL OID value for all OBJECT_IDs. */
  364. else if ((strcmp(argv[0], "-O") == 0) ||
  365. (strcmp(argv[0], "--oid") == 0)) {
  366. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_OID, 1);
  367. }
  368. /* File contains PEM blocks. */
  369. else if ((strcmp(argv[0], "-p") == 0) ||
  370. (strcmp(argv[0], "--pem") == 0)) {
  371. file_format = FORMAT_PEM;
  372. }
  373. /* Skip a number of PEM blocks. */
  374. else if ((strcmp(argv[0], "-s") == 0) ||
  375. (strcmp(argv[0], "--skip-pem") == 0)) {
  376. if (argc == 1) {
  377. fprintf(stderr, "Missing number of PEM blocks to skip\n");
  378. return 1;
  379. }
  380. argc--;
  381. argv++;
  382. pem_skip = atoi(argv[0]);
  383. if ((pem_skip < 0) || (pem_skip > 15)) {
  384. fprintf(stderr, "Skip value out of range: %d\n", pem_skip);
  385. return 1;
  386. }
  387. }
  388. /* Display help/usage. */
  389. else if ((strcmp(argv[0], "-?") == 0) ||
  390. (strcmp(argv[0], "--help") == 0)) {
  391. Usage();
  392. return 0;
  393. }
  394. /* Unknown option detection. */
  395. else if (argv[0][0] == '-') {
  396. fprintf(stderr, "Bad option: %s\n", argv[0]);
  397. Usage();
  398. return 1;
  399. }
  400. else {
  401. /* Name of file to read. */
  402. fp = fopen(argv[0], "r");
  403. if (fp == NULL) {
  404. fprintf(stderr, "File not able to be read: %s\n", argv[0]);
  405. return 1;
  406. }
  407. }
  408. /* Move on to next command line argument. */
  409. argc--;
  410. argv++;
  411. }
  412. wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_INDENT, indent);
  413. (void)wc_Asn1_Init(&asn1);
  414. (void)wc_Asn1_SetFile(&asn1, stdout);
  415. /* Process file based on type. */
  416. if (file_format == FORMAT_DER) {
  417. ret = PrintDer(fp);
  418. }
  419. else if (file_format == FORMAT_BASE64) {
  420. ret = PrintBase64(fp);
  421. }
  422. else if (file_format == FORMAT_PEM) {
  423. ret = PrintPem(fp, pem_skip);
  424. }
  425. if (ret != 0) {
  426. fprintf(stderr, "%s\n", wc_GetErrorString(ret));
  427. }
  428. if (fp != stdin) {
  429. fclose(fp);
  430. }
  431. return (ret == 0) ? 0 : 1;
  432. }
  433. #else
  434. /* Main entry of ASN.1 printing program.
  435. *
  436. * @param [in] argc Count of command line arguments.
  437. * @param [in] argv Command line arguments.
  438. * @return 0 on success.
  439. * @return 1 on failure.
  440. */
  441. int main(int argc, char* argv[])
  442. {
  443. (void)argc;
  444. (void)argv;
  445. fprintf(stderr, "ASN.1 Parsing and Printing or file system not compiled"
  446. " in.\n");
  447. return 0;
  448. }
  449. #endif /* WOLFSSL_ASN_PRINT && !defined(NO_FILESYSTEM)*/