/src/boringssl/crypto/asn1/a_mbstr.cc
Line | Count | Source |
1 | | // Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. |
2 | | // |
3 | | // Licensed under the Apache License, Version 2.0 (the "License"); |
4 | | // you may not use this file except in compliance with the License. |
5 | | // You may obtain a copy of the License at |
6 | | // |
7 | | // https://www.apache.org/licenses/LICENSE-2.0 |
8 | | // |
9 | | // Unless required by applicable law or agreed to in writing, software |
10 | | // distributed under the License is distributed on an "AS IS" BASIS, |
11 | | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
12 | | // See the License for the specific language governing permissions and |
13 | | // limitations under the License. |
14 | | |
15 | | #include <openssl/asn1.h> |
16 | | |
17 | | #include <limits.h> |
18 | | #include <string.h> |
19 | | |
20 | | #include <openssl/bytestring.h> |
21 | | #include <openssl/err.h> |
22 | | #include <openssl/mem.h> |
23 | | |
24 | | #include "../bytestring/internal.h" |
25 | | #include "internal.h" |
26 | | |
27 | | |
28 | | using namespace bssl; |
29 | | |
30 | | // These functions take a string in UTF8, ASCII or multibyte form and a mask |
31 | | // of permissible ASN1 string types. It then works out the minimal type |
32 | | // (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) and |
33 | | // creates a string of the correct type with the supplied data. Yes this is |
34 | | // horrible: it has to be :-( The 'ncopy' form checks minimum and maximum |
35 | | // size limits too. |
36 | | |
37 | | int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, |
38 | 3.24k | ossl_ssize_t len, int inform, unsigned long mask) { |
39 | 3.24k | return ASN1_mbstring_ncopy(out, in, len, inform, mask, /*minsize=*/0, |
40 | 3.24k | /*maxsize=*/0); |
41 | 3.24k | } |
42 | | |
43 | | OPENSSL_DECLARE_ERROR_REASON(ASN1, INVALID_BMPSTRING) |
44 | | OPENSSL_DECLARE_ERROR_REASON(ASN1, INVALID_UNIVERSALSTRING) |
45 | | OPENSSL_DECLARE_ERROR_REASON(ASN1, INVALID_UTF8STRING) |
46 | | |
47 | | int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, |
48 | | ossl_ssize_t len, int inform, unsigned long mask, |
49 | 179k | ossl_ssize_t minsize, ossl_ssize_t maxsize) { |
50 | 179k | if (len == -1) { |
51 | 179k | len = strlen((const char *)in); |
52 | 179k | } |
53 | 179k | if (!mask) { |
54 | 0 | mask = DIRSTRING_TYPE; |
55 | 0 | } |
56 | | |
57 | 179k | int (*decode_func)(CBS *, uint32_t *); |
58 | 179k | int error; |
59 | 179k | switch (inform) { |
60 | 0 | case MBSTRING_BMP: |
61 | 0 | decode_func = CBS_get_ucs2_be; |
62 | 0 | error = ASN1_R_INVALID_BMPSTRING; |
63 | 0 | break; |
64 | | |
65 | 0 | case MBSTRING_UNIV: |
66 | 0 | decode_func = CBS_get_utf32_be; |
67 | 0 | error = ASN1_R_INVALID_UNIVERSALSTRING; |
68 | 0 | break; |
69 | | |
70 | 1.03k | case MBSTRING_UTF8: |
71 | 1.03k | decode_func = CBS_get_utf8; |
72 | 1.03k | error = ASN1_R_INVALID_UTF8STRING; |
73 | 1.03k | break; |
74 | | |
75 | 178k | case MBSTRING_ASC: |
76 | 178k | decode_func = CBS_get_latin1; |
77 | 178k | error = ERR_R_INTERNAL_ERROR; // Latin-1 inputs are never invalid. |
78 | 178k | break; |
79 | | |
80 | 0 | default: |
81 | 0 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT); |
82 | 0 | return -1; |
83 | 179k | } |
84 | | |
85 | | // Check |minsize| and |maxsize| and work out the minimal type, if any. |
86 | 179k | CBS cbs; |
87 | 179k | CBS_init(&cbs, in, len); |
88 | 179k | size_t utf8_len = 0, nchar = 0; |
89 | 161M | while (CBS_len(&cbs) != 0) { |
90 | 161M | uint32_t c; |
91 | 161M | if (!decode_func(&cbs, &c)) { |
92 | 25 | OPENSSL_PUT_ERROR(ASN1, error); |
93 | 25 | return -1; |
94 | 25 | } |
95 | 161M | if (nchar == 0 && (inform == MBSTRING_BMP || inform == MBSTRING_UNIV) && |
96 | 0 | c == 0xfeff) { |
97 | | // Reject byte-order mark. We could drop it but that would mean |
98 | | // adding ambiguity around whether a BOM was included or not when |
99 | | // matching strings. |
100 | | // |
101 | | // For a little-endian UCS-2 string, the BOM will appear as 0xfffe |
102 | | // and will be rejected as noncharacter, below. |
103 | 0 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_CHARACTERS); |
104 | 0 | return -1; |
105 | 0 | } |
106 | | |
107 | | // Update which output formats are still possible. |
108 | 161M | if ((mask & B_ASN1_PRINTABLESTRING) && !asn1_is_printable(c)) { |
109 | 64 | mask &= ~B_ASN1_PRINTABLESTRING; |
110 | 64 | } |
111 | 161M | if ((mask & B_ASN1_IA5STRING) && (c > 127)) { |
112 | 39 | mask &= ~B_ASN1_IA5STRING; |
113 | 39 | } |
114 | 161M | if ((mask & B_ASN1_T61STRING) && (c > 0xff)) { |
115 | 4 | mask &= ~B_ASN1_T61STRING; |
116 | 4 | } |
117 | 161M | if ((mask & B_ASN1_BMPSTRING) && (c > 0xffff)) { |
118 | 13 | mask &= ~B_ASN1_BMPSTRING; |
119 | 13 | } |
120 | 161M | if (!mask) { |
121 | 120 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_CHARACTERS); |
122 | 120 | return -1; |
123 | 120 | } |
124 | | |
125 | 161M | nchar++; |
126 | 161M | utf8_len += CBB_get_utf8_len(c); |
127 | 161M | if (maxsize > 0 && nchar > (size_t)maxsize) { |
128 | 1 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG); |
129 | 1 | ERR_add_error_dataf("maxsize=%zu", (size_t)maxsize); |
130 | 1 | return -1; |
131 | 1 | } |
132 | 161M | } |
133 | | |
134 | 179k | if (minsize > 0 && nchar < (size_t)minsize) { |
135 | 16 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); |
136 | 16 | ERR_add_error_dataf("minsize=%zu", (size_t)minsize); |
137 | 16 | return -1; |
138 | 16 | } |
139 | | |
140 | | // Now work out output format and string type |
141 | 179k | int str_type; |
142 | 179k | int (*encode_func)(CBB *, uint32_t) = CBB_add_latin1; |
143 | 179k | size_t size_estimate = nchar; |
144 | 179k | int outform = MBSTRING_ASC; |
145 | 179k | if (mask & B_ASN1_PRINTABLESTRING) { |
146 | 1.89k | str_type = V_ASN1_PRINTABLESTRING; |
147 | 177k | } else if (mask & B_ASN1_IA5STRING) { |
148 | 4.54k | str_type = V_ASN1_IA5STRING; |
149 | 172k | } else if (mask & B_ASN1_T61STRING) { |
150 | 4.40k | str_type = V_ASN1_T61STRING; |
151 | 168k | } else if (mask & B_ASN1_BMPSTRING) { |
152 | 6.30k | str_type = V_ASN1_BMPSTRING; |
153 | 6.30k | outform = MBSTRING_BMP; |
154 | 6.30k | encode_func = CBB_add_ucs2_be; |
155 | 6.30k | size_estimate = 2 * nchar; |
156 | 162k | } else if (mask & B_ASN1_UNIVERSALSTRING) { |
157 | 150k | str_type = V_ASN1_UNIVERSALSTRING; |
158 | 150k | encode_func = CBB_add_utf32_be; |
159 | 150k | size_estimate = 4 * nchar; |
160 | 150k | outform = MBSTRING_UNIV; |
161 | 150k | } else if (mask & B_ASN1_UTF8STRING) { |
162 | 11.3k | str_type = V_ASN1_UTF8STRING; |
163 | 11.3k | outform = MBSTRING_UTF8; |
164 | 11.3k | encode_func = CBB_add_utf8; |
165 | 11.3k | size_estimate = utf8_len; |
166 | 11.3k | } else { |
167 | 0 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_CHARACTERS); |
168 | 0 | return -1; |
169 | 0 | } |
170 | | |
171 | 179k | if (!out) { |
172 | 0 | return str_type; |
173 | 0 | } |
174 | | |
175 | 179k | int free_dest = 0; |
176 | 179k | ASN1_STRING *dest; |
177 | 179k | if (*out) { |
178 | 11.4k | dest = *out; |
179 | 167k | } else { |
180 | 167k | free_dest = 1; |
181 | 167k | dest = ASN1_STRING_type_new(str_type); |
182 | 167k | if (!dest) { |
183 | 0 | return -1; |
184 | 0 | } |
185 | 167k | } |
186 | | |
187 | 179k | CBB cbb; |
188 | 179k | CBB_zero(&cbb); |
189 | | // If both the same type just copy across |
190 | 179k | uint8_t *data = nullptr; |
191 | 179k | size_t data_len = 0; |
192 | 179k | if (inform == outform) { |
193 | 10.7k | if (!ASN1_STRING_set(dest, in, len)) { |
194 | 0 | goto err; |
195 | 0 | } |
196 | 10.7k | dest->type = str_type; |
197 | 10.7k | *out = dest; |
198 | 10.7k | return str_type; |
199 | 10.7k | } |
200 | 168k | if (!CBB_init(&cbb, size_estimate + 1)) { |
201 | 0 | goto err; |
202 | 0 | } |
203 | 168k | CBS_init(&cbs, in, len); |
204 | 161M | while (CBS_len(&cbs) != 0) { |
205 | 161M | uint32_t c; |
206 | 161M | if (!decode_func(&cbs, &c) || !encode_func(&cbb, c)) { |
207 | 0 | OPENSSL_PUT_ERROR(ASN1, ERR_R_INTERNAL_ERROR); |
208 | 0 | goto err; |
209 | 0 | } |
210 | 161M | } |
211 | 168k | if (/* OpenSSL historically NUL-terminated this value with a single byte, |
212 | | * even for |MBSTRING_BMP| and |MBSTRING_UNIV|. */ |
213 | 168k | !CBB_add_u8(&cbb, 0) || // |
214 | 168k | !CBB_finish(&cbb, &data, &data_len) || // |
215 | 168k | data_len < 1 || // |
216 | 168k | data_len > INT_MAX) { |
217 | 0 | OPENSSL_PUT_ERROR(ASN1, ERR_R_INTERNAL_ERROR); |
218 | 0 | OPENSSL_free(data); |
219 | 0 | goto err; |
220 | 0 | } |
221 | 168k | dest->type = str_type; |
222 | 168k | ASN1_STRING_set0(dest, data, (int)data_len - 1); |
223 | 168k | *out = dest; |
224 | 168k | return str_type; |
225 | | |
226 | 0 | err: |
227 | 0 | if (free_dest) { |
228 | 0 | ASN1_STRING_free(dest); |
229 | 0 | } |
230 | 0 | CBB_cleanup(&cbb); |
231 | 0 | return -1; |
232 | 168k | } |
233 | | |
234 | 4.63k | int bssl::asn1_is_printable(uint32_t value) { |
235 | 4.63k | if (value > 0x7f) { |
236 | 34 | return 0; |
237 | 34 | } |
238 | 4.60k | return OPENSSL_isalnum(value) || // |
239 | 3.65k | value == ' ' || value == '\'' || value == '(' || value == ')' || |
240 | 2.76k | value == '+' || value == ',' || value == '-' || value == '.' || |
241 | 966 | value == '/' || value == ':' || value == '=' || value == '?'; |
242 | 4.63k | } |