kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5554 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 045ee41928
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '045ee41928'
${ noResults }
boringssl/crypto/asn1/a_strnid.c

314 lines
11 KiB
Raw Blame History 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/asn1.h>

  58. 

  59. #include <stdlib.h>             /* For bsearch */

  60. #include <string.h>

  61. 

  62. #include <openssl/err.h>

  63. #include <openssl/mem.h>

  64. #include <openssl/obj.h>

  65. #include <openssl/stack.h>

  66. 

  67. DEFINE_STACK_OF(ASN1_STRING_TABLE)

  68. 

  69. static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;

  70. static void st_free(ASN1_STRING_TABLE *tbl);

  71. 

  72. /*

  73.  * This is the global mask for the mbstring functions: this is use to mask

  74.  * out certain types (such as BMPString and UTF8String) because certain

  75.  * software (e.g. Netscape) has problems with them.

  76.  */

  77. 

  78. static unsigned long global_mask = B_ASN1_UTF8STRING;

  79. 

  80. void ASN1_STRING_set_default_mask(unsigned long mask)

  81. {

  82.     global_mask = mask;

  83. }

  84. 

  85. unsigned long ASN1_STRING_get_default_mask(void)

  86. {

  87.     return global_mask;

  88. }

  89. 

  90. /*

  91.  * This function sets the default to various "flavours" of configuration.

  92.  * based on an ASCII string. Currently this is: MASK:XXXX : a numerical mask

  93.  * value. nobmp : Don't use BMPStrings (just Printable, T61). pkix : PKIX

  94.  * recommendation in RFC2459. utf8only : only use UTF8Strings (RFC2459

  95.  * recommendation for 2004). default: the default value, Printable, T61, BMP.

  96.  */

  97. 

  98. int ASN1_STRING_set_default_mask_asc(const char *p)

  99. {

  100.     unsigned long mask;

  101.     char *end;

  102.     if (!strncmp(p, "MASK:", 5)) {

  103.         if (!p[5])

  104.             return 0;

  105.         mask = strtoul(p + 5, &end, 0);

  106.         if (*end)

  107.             return 0;

  108.     } else if (!strcmp(p, "nombstr"))

  109.         mask = ~((unsigned long)(B_ASN1_BMPSTRING | B_ASN1_UTF8STRING));

  110.     else if (!strcmp(p, "pkix"))

  111.         mask = ~((unsigned long)B_ASN1_T61STRING);

  112.     else if (!strcmp(p, "utf8only"))

  113.         mask = B_ASN1_UTF8STRING;

  114.     else if (!strcmp(p, "default"))

  115.         mask = 0xFFFFFFFFL;

  116.     else

  117.         return 0;

  118.     ASN1_STRING_set_default_mask(mask);

  119.     return 1;

  120. }

  121. 

  122. /*

  123.  * The following function generates an ASN1_STRING based on limits in a

  124.  * table. Frequently the types and length of an ASN1_STRING are restricted by

  125.  * a corresponding OID. For example certificates and certificate requests.

  126.  */

  127. 

  128. ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,

  129.                                     const unsigned char *in, int inlen,

  130.                                     int inform, int nid)

  131. {

  132.     ASN1_STRING_TABLE *tbl;

  133.     ASN1_STRING *str = NULL;

  134.     unsigned long mask;

  135.     int ret;

  136.     if (!out)

  137.         out = &str;

  138.     tbl = ASN1_STRING_TABLE_get(nid);

  139.     if (tbl) {

  140.         mask = tbl->mask;

  141.         if (!(tbl->flags & STABLE_NO_MASK))

  142.             mask &= global_mask;

  143.         ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,

  144.                                   tbl->minsize, tbl->maxsize);

  145.     } else

  146.         ret =

  147.             ASN1_mbstring_copy(out, in, inlen, inform,

  148.                                DIRSTRING_TYPE & global_mask);

  149.     if (ret <= 0)

  150.         return NULL;

  151.     return *out;

  152. }

  153. 

  154. /*

  155.  * Now the tables and helper functions for the string table:

  156.  */

  157. 

  158. /* size limits: this stuff is taken straight from RFC3280 */

  159. 

  160. #define ub_name                         32768

  161. #define ub_common_name                  64

  162. #define ub_locality_name                128

  163. #define ub_state_name                   128

  164. #define ub_organization_name            64

  165. #define ub_organization_unit_name       64

  166. #define ub_title                        64

  167. #define ub_email_address                128

  168. #define ub_serial_number                64

  169. 

  170. /* This table must be kept in NID order */

  171. 

  172. static const ASN1_STRING_TABLE tbl_standard[] = {

  173.     {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},

  174.     {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},

  175.     {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},

  176.     {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0},

  177.     {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},

  178.     {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE,

  179.      0},

  180.     {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING,

  181.      STABLE_NO_MASK},

  182.     {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},

  183.     {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},

  184.     {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},

  185.     {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},

  186.     {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},

  187.     {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},

  188.     {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING,

  189.      STABLE_NO_MASK},

  190.     {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},

  191.     {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},

  192.     {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},

  193.     {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},

  194.     {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}

  195. };

  196. 

  197. static int sk_table_cmp(const ASN1_STRING_TABLE **a,

  198.                         const ASN1_STRING_TABLE **b)

  199. {

  200.     return (*a)->nid - (*b)->nid;

  201. }

  202. 

  203. static int table_cmp(const void *in_a, const void *in_b)

  204. {

  205.     const ASN1_STRING_TABLE *a = in_a;

  206.     const ASN1_STRING_TABLE *b = in_b;

  207.     return a->nid - b->nid;

  208. }

  209. 

  210. ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)

  211. {

  212.     int found;

  213.     size_t idx;

  214.     ASN1_STRING_TABLE *ttmp;

  215.     ASN1_STRING_TABLE fnd;

  216.     fnd.nid = nid;

  217. 

  218.     ttmp =

  219.         bsearch(&fnd, tbl_standard,

  220.                 sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE),

  221.                 sizeof(ASN1_STRING_TABLE), table_cmp);

  222.     if (ttmp)

  223.         return ttmp;

  224.     if (!stable)

  225.         return NULL;

  226.     sk_ASN1_STRING_TABLE_sort(stable);

  227.     found = sk_ASN1_STRING_TABLE_find(stable, &idx, &fnd);

  228.     if (!found)

  229.         return NULL;

  230.     return sk_ASN1_STRING_TABLE_value(stable, idx);

  231. }

  232. 

  233. int ASN1_STRING_TABLE_add(int nid,

  234.                           long minsize, long maxsize, unsigned long mask,

  235.                           unsigned long flags)

  236. {

  237.     ASN1_STRING_TABLE *tmp;

  238.     char new_nid = 0;

  239.     flags &= ~STABLE_FLAGS_MALLOC;

  240.     if (!stable)

  241.         stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp);

  242.     if (!stable) {

  243.         OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  244.         return 0;

  245.     }

  246.     if (!(tmp = ASN1_STRING_TABLE_get(nid))) {

  247.         tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE));

  248.         if (!tmp) {

  249.             OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  250.             return 0;

  251.         }

  252.         tmp->flags = flags | STABLE_FLAGS_MALLOC;

  253.         tmp->nid = nid;

  254.         tmp->minsize = tmp->maxsize = -1;

  255.         new_nid = 1;

  256.     } else

  257.         tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;

  258.     if (minsize != -1)

  259.         tmp->minsize = minsize;

  260.     if (maxsize != -1)

  261.         tmp->maxsize = maxsize;

  262.     tmp->mask = mask;

  263.     if (new_nid)

  264.         sk_ASN1_STRING_TABLE_push(stable, tmp);

  265.     return 1;

  266. }

  267. 

  268. void ASN1_STRING_TABLE_cleanup(void)

  269. {

  270.     STACK_OF(ASN1_STRING_TABLE) *tmp;

  271.     tmp = stable;

  272.     if (!tmp)

  273.         return;

  274.     stable = NULL;

  275.     sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);

  276. }

  277. 

  278. static void st_free(ASN1_STRING_TABLE *tbl)

  279. {

  280.     if (tbl->flags & STABLE_FLAGS_MALLOC)

  281.         OPENSSL_free(tbl);

  282. }

  283. 

  284. #ifdef STRING_TABLE_TEST

  285. 

  286. int main(void)

  287. {

  288.     ASN1_STRING_TABLE *tmp;

  289.     int i, last_nid = -1;

  290. 

  291.     for (tmp = tbl_standard, i = 0;

  292.          i < sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE); i++, tmp++) {

  293.         if (tmp->nid < last_nid) {

  294.             last_nid = 0;

  295.             break;

  296.         }

  297.         last_nid = tmp->nid;

  298.     }

  299. 

  300.     if (last_nid != 0) {

  301.         printf("Table order OK\n");

  302.         exit(0);

  303.     }

  304. 

  305.     for (tmp = tbl_standard, i = 0;

  306.          i < sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE); i++, tmp++)

  307.         printf("Index %d, NID %d, Name=%s\n", i, tmp->nid,

  308.                OBJ_nid2ln(tmp->nid));

  309. 

  310.     return 0;

  311. }

  312. 

  313. #endif