1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
56
57 #include <openssl/asn1.h>
58
59 #include <limits.h>
60 #include <string.h>
61
62 #include <openssl/err.h>
63 #include <openssl/mem.h>
64 #include <openssl/obj.h>
65
66
i2d_ASN1_OBJECT(ASN1_OBJECT * a,unsigned char ** pp)67 int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
68 {
69 unsigned char *p;
70 int objsize;
71
72 if ((a == NULL) || (a->data == NULL)) return(0);
73
74 objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT);
75 if (pp == NULL) return objsize;
76
77 p= *pp;
78 ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
79 memcpy(p,a->data,a->length);
80 p+=a->length;
81
82 *pp=p;
83 return(objsize);
84 }
85
a2d_ASN1_OBJECT(unsigned char * out,int olen,const char * buf,int num)86 int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
87 {
88 int i,first,len=0,c, use_bn;
89 char ftmp[24], *tmp = ftmp;
90 int tmpsize = sizeof ftmp;
91 const char *p;
92 unsigned long l;
93 BIGNUM *bl = NULL;
94
95 if (num == 0)
96 return(0);
97 else if (num == -1)
98 num=strlen(buf);
99
100 p=buf;
101 c= *(p++);
102 num--;
103 if ((c >= '0') && (c <= '2'))
104 {
105 first= c-'0';
106 }
107 else
108 {
109 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);
110 goto err;
111 }
112
113 if (num <= 0)
114 {
115 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);
116 goto err;
117 }
118 c= *(p++);
119 num--;
120 for (;;)
121 {
122 if (num <= 0) break;
123 if ((c != '.') && (c != ' '))
124 {
125 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR);
126 goto err;
127 }
128 l=0;
129 use_bn = 0;
130 for (;;)
131 {
132 if (num <= 0) break;
133 num--;
134 c= *(p++);
135 if ((c == ' ') || (c == '.'))
136 break;
137 if ((c < '0') || (c > '9'))
138 {
139 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_DIGIT);
140 goto err;
141 }
142 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L))
143 {
144 use_bn = 1;
145 if (!bl)
146 bl = BN_new();
147 if (!bl || !BN_set_word(bl, l))
148 goto err;
149 }
150 if (use_bn)
151 {
152 if (!BN_mul_word(bl, 10L)
153 || !BN_add_word(bl, c-'0'))
154 goto err;
155 }
156 else
157 l=l*10L+(long)(c-'0');
158 }
159 if (len == 0)
160 {
161 if ((first < 2) && (l >= 40))
162 {
163 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_SECOND_NUMBER_TOO_LARGE);
164 goto err;
165 }
166 if (use_bn)
167 {
168 if (!BN_add_word(bl, first * 40))
169 goto err;
170 }
171 else
172 l+=(long)first*40;
173 }
174 i=0;
175 if (use_bn)
176 {
177 int blsize;
178 blsize = BN_num_bits(bl);
179 blsize = (blsize + 6)/7;
180 if (blsize > tmpsize)
181 {
182 if (tmp != ftmp)
183 OPENSSL_free(tmp);
184 tmpsize = blsize + 32;
185 tmp = OPENSSL_malloc(tmpsize);
186 if (!tmp)
187 goto err;
188 }
189 while(blsize--)
190 tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
191 }
192 else
193 {
194
195 for (;;)
196 {
197 tmp[i++]=(unsigned char)l&0x7f;
198 l>>=7L;
199 if (l == 0L) break;
200 }
201
202 }
203 if (out != NULL)
204 {
205 if (len+i > olen)
206 {
207 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL);
208 goto err;
209 }
210 while (--i > 0)
211 out[len++]=tmp[i]|0x80;
212 out[len++]=tmp[0];
213 }
214 else
215 len+=i;
216 }
217 if (tmp != ftmp)
218 OPENSSL_free(tmp);
219 if (bl)
220 BN_free(bl);
221 return(len);
222 err:
223 if (tmp != ftmp)
224 OPENSSL_free(tmp);
225 if (bl)
226 BN_free(bl);
227 return(0);
228 }
229
i2t_ASN1_OBJECT(char * buf,int buf_len,ASN1_OBJECT * a)230 int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
231 {
232 return OBJ_obj2txt(buf, buf_len, a, 0);
233 }
234
i2a_ASN1_OBJECT(BIO * bp,ASN1_OBJECT * a)235 int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
236 {
237 char buf[80], *p = buf;
238 int i;
239
240 if ((a == NULL) || (a->data == NULL))
241 return(BIO_write(bp,"NULL",4));
242 i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
243 if (i > (int)(sizeof(buf) - 1))
244 {
245 p = OPENSSL_malloc(i + 1);
246 if (!p)
247 return -1;
248 i2t_ASN1_OBJECT(p,i + 1,a);
249 }
250 if (i <= 0)
251 return BIO_write(bp, "<INVALID>", 9);
252 BIO_write(bp,p,i);
253 if (p != buf)
254 OPENSSL_free(p);
255 return(i);
256 }
257
d2i_ASN1_OBJECT(ASN1_OBJECT ** a,const unsigned char ** pp,long length)258 ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
259 long length)
260 {
261 const unsigned char *p;
262 long len;
263 int tag,xclass;
264 int inf,i;
265 ASN1_OBJECT *ret = NULL;
266 p= *pp;
267 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
268 if (inf & 0x80)
269 {
270 i=ASN1_R_BAD_OBJECT_HEADER;
271 goto err;
272 }
273
274 if (tag != V_ASN1_OBJECT)
275 {
276 i=ASN1_R_EXPECTING_AN_OBJECT;
277 goto err;
278 }
279 ret = c2i_ASN1_OBJECT(a, &p, len);
280 if(ret) *pp = p;
281 return ret;
282 err:
283 OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_OBJECT, i);
284 return(NULL);
285 }
286
c2i_ASN1_OBJECT(ASN1_OBJECT ** a,const unsigned char ** pp,long len)287 ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
288 long len)
289 {
290 ASN1_OBJECT *ret=NULL;
291 const unsigned char *p;
292 unsigned char *data;
293 int i, length;
294
295 /* Sanity check OID encoding.
296 * Need at least one content octet.
297 * MSB must be clear in the last octet.
298 * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2
299 */
300 if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
301 p[len - 1] & 0x80)
302 {
303 OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
304 return NULL;
305 }
306 /* Now 0 < len <= INT_MAX, so the cast is safe. */
307 length = (int)len;
308 for (i = 0; i < length; i++, p++)
309 {
310 if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
311 {
312 OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
313 return NULL;
314 }
315 }
316
317 /* only the ASN1_OBJECTs from the 'table' will have values
318 * for ->sn or ->ln */
319 if ((a == NULL) || ((*a) == NULL) ||
320 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
321 {
322 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
323 }
324 else ret=(*a);
325
326 p= *pp;
327 /* detach data from object */
328 data = (unsigned char *)ret->data;
329 ret->data = NULL;
330 /* once detached we can change it */
331 if ((data == NULL) || (ret->length < length))
332 {
333 ret->length=0;
334 if (data != NULL) OPENSSL_free(data);
335 data=(unsigned char *)OPENSSL_malloc(length);
336 if (data == NULL)
337 { i=ERR_R_MALLOC_FAILURE; goto err; }
338 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
339 }
340 memcpy(data,p,length);
341 /* reattach data to object, after which it remains const */
342 ret->data =data;
343 ret->length=length;
344 ret->sn=NULL;
345 ret->ln=NULL;
346 /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
347 p+=length;
348
349 if (a != NULL) (*a)=ret;
350 *pp=p;
351 return(ret);
352 err:
353 OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, i);
354 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
355 ASN1_OBJECT_free(ret);
356 return(NULL);
357 }
358
ASN1_OBJECT_new(void)359 ASN1_OBJECT *ASN1_OBJECT_new(void)
360 {
361 ASN1_OBJECT *ret;
362
363 ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
364 if (ret == NULL)
365 {
366 OPENSSL_PUT_ERROR(ASN1, ASN1_OBJECT_new, ERR_R_MALLOC_FAILURE);
367 return(NULL);
368 }
369 ret->length=0;
370 ret->data=NULL;
371 ret->nid=0;
372 ret->sn=NULL;
373 ret->ln=NULL;
374 ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
375 return(ret);
376 }
377
ASN1_OBJECT_free(ASN1_OBJECT * a)378 void ASN1_OBJECT_free(ASN1_OBJECT *a)
379 {
380 if (a == NULL) return;
381 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
382 {
383 #ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
384 if (a->sn != NULL) OPENSSL_free((void *)a->sn);
385 if (a->ln != NULL) OPENSSL_free((void *)a->ln);
386 #endif
387 a->sn=a->ln=NULL;
388 }
389 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
390 {
391 if (a->data != NULL) OPENSSL_free((void *)a->data);
392 a->data=NULL;
393 a->length=0;
394 }
395 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
396 OPENSSL_free(a);
397 }
398
ASN1_OBJECT_create(int nid,unsigned char * data,int len,const char * sn,const char * ln)399 ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
400 const char *sn, const char *ln)
401 {
402 ASN1_OBJECT o;
403
404 o.sn=sn;
405 o.ln=ln;
406 o.data=data;
407 o.nid=nid;
408 o.length=len;
409 o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
410 ASN1_OBJECT_FLAG_DYNAMIC_DATA;
411 return(OBJ_dup(&o));
412 }
413