/src/botan/src/lib/x509/asn1_alt_name.cpp

Source (jump to first uncovered line)
/*
* AlternativeName
* (C) 1999-2007 Jack Lloyd
*     2007 Yves Jerschow
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/asn1_alt_name.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/oids.h>
#include <botan/internal/stl_util.h>
#include <botan/parsing.h>
#include <botan/loadstor.h>
#include <botan/x509_dn.h>

#include <sstream>

namespace Botan {

/*
* Create an AlternativeName
*/
AlternativeName::AlternativeName(const std::string& email_addr,
                                 const std::string& uri,
                                 const std::string& dns,
                                 const std::string& ip)
   {
   add_attribute("RFC822", email_addr);
   add_attribute("DNS", dns);
   add_attribute("URI", uri);
   add_attribute("IP", ip);
   }

/*
* Add an attribute to an alternative name
*/
void AlternativeName::add_attribute(const std::string& type,
                                    const std::string& value)
   {
   if(type.empty() || value.empty())
      return;

   auto range = m_alt_info.equal_range(type);
   for(auto j = range.first; j != range.second; ++j)
      if(j->second == value)
         return;

   multimap_insert(m_alt_info, type, value);
   }

/*
* Add an OtherName field
*/
void AlternativeName::add_othername(const OID& oid, const std::string& value,
                                    ASN1_Tag type)
   {
   if(value.empty())
      return;
   multimap_insert(m_othernames, oid, ASN1_String(value, type));
   }

/*
* Return all of the alternative names
*/
std::multimap<std::string, std::string> AlternativeName::contents() const
   {
   std::multimap<std::string, std::string> names;

   for(auto i = m_alt_info.begin(); i != m_alt_info.end(); ++i)
      {
      multimap_insert(names, i->first, i->second);
      }

   for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
      {
      multimap_insert(names, i->first.to_formatted_string(), i->second.value());
      }

   return names;
   }

bool AlternativeName::has_field(const std::string& attr) const
   {
   auto range = m_alt_info.equal_range(attr);
   return (range.first != range.second);
   }

std::string AlternativeName::get_first_attribute(const std::string& attr) const
   {
   auto i = m_alt_info.lower_bound(attr);
   if(i != m_alt_info.end() && i->first == attr)
      return i->second;

   return "";
   }

std::vector<std::string> AlternativeName::get_attribute(const std::string& attr) const
   {
   std::vector<std::string> results;
   auto range = m_alt_info.equal_range(attr);
   for(auto i = range.first; i != range.second; ++i)
      results.push_back(i->second);
   return results;
   }

X509_DN AlternativeName::dn() const
   {
   X509_DN dn;
   auto range = m_alt_info.equal_range("DN");

   for(auto i = range.first; i != range.second; ++i)
      {
      std::istringstream strm(i->second);
      strm >> dn;
      }

   return dn;
   }

/*
* Return if this object has anything useful
*/
bool AlternativeName::has_items() const
   {
   return (m_alt_info.size() > 0 || m_othernames.size() > 0);
   }

namespace {

/*
* DER encode an AlternativeName entry
*/
void encode_entries(DER_Encoder& encoder,
                    const std::multimap<std::string, std::string>& attr,
                    const std::string& type, ASN1_Tag tagging)
   {
   auto range = attr.equal_range(type);

   for(auto i = range.first; i != range.second; ++i)
      {
      if(type == "RFC822" || type == "DNS" || type == "URI")
         {
         ASN1_String asn1_string(i->second, IA5_STRING);
         encoder.add_object(tagging, CONTEXT_SPECIFIC, asn1_string.value());
         }
      else if(type == "IP")
         {
         const uint32_t ip = string_to_ipv4(i->second);
         uint8_t ip_buf[4] = { 0 };
         store_be(ip, ip_buf);
         encoder.add_object(tagging, CONTEXT_SPECIFIC, ip_buf, 4);
         }
      else if (type == "DN")
         {
         std::stringstream ss(i->second);
         X509_DN dn;
         ss >> dn;
         encoder.encode(dn);
         }
      }
   }

}

/*
* DER encode an AlternativeName extension
*/
void AlternativeName::encode_into(DER_Encoder& der) const
   {
   der.start_cons(SEQUENCE);

   encode_entries(der, m_alt_info, "RFC822", ASN1_Tag(1));
   encode_entries(der, m_alt_info, "DNS", ASN1_Tag(2));
   encode_entries(der, m_alt_info, "DN", ASN1_Tag(4));
   encode_entries(der, m_alt_info, "URI", ASN1_Tag(6));
   encode_entries(der, m_alt_info, "IP", ASN1_Tag(7));

   for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
      {
      der.start_explicit(0)
         .encode(i->first)
         .start_explicit(0)
            .encode(i->second)
         .end_explicit()
      .end_explicit();
      }

   der.end_cons();
   }

/*
* Decode a BER encoded AlternativeName
*/
void AlternativeName::decode_from(BER_Decoder& source)
   {
   BER_Decoder names = source.start_cons(SEQUENCE);

   // FIXME this is largely a duplication of GeneralName::decode_from

   while(names.more_items())
      {
      BER_Object obj = names.get_next_object();

      if(obj.is_a(0, CONTEXT_SPECIFIC))
         {
         BER_Decoder othername(obj);

         OID oid;
         othername.decode(oid);
         if(othername.more_items())
            {
            BER_Object othername_value_outer = othername.get_next_object();
            othername.verify_end();

            if(othername_value_outer.is_a(0, ASN1_Tag(CONTEXT_SPECIFIC | CONSTRUCTED)) == false)
               throw Decoding_Error("Invalid tags on otherName value");

            BER_Decoder othername_value_inner(othername_value_outer);

            BER_Object value = othername_value_inner.get_next_object();
            othername_value_inner.verify_end();

            if(ASN1_String::is_string_type(value.type()) && value.get_class() == UNIVERSAL)
               {
               add_othername(oid, ASN1::to_string(value), value.type());
               }
            }
         }
      if(obj.is_a(1, CONTEXT_SPECIFIC))
         {
         add_attribute("RFC822", ASN1::to_string(obj));
         }
      else if(obj.is_a(2, CONTEXT_SPECIFIC))
         {
         add_attribute("DNS", ASN1::to_string(obj));
         }
      else if(obj.is_a(6, CONTEXT_SPECIFIC))
         {
         add_attribute("URI", ASN1::to_string(obj));
         }
      else if(obj.is_a(4, ASN1_Tag(CONTEXT_SPECIFIC | CONSTRUCTED)))
         {
         BER_Decoder dec(obj);
         X509_DN dn;
         std::stringstream ss;

         dec.decode(dn);
         ss << dn;

         add_attribute("DN", ss.str());
         }
      else if(obj.is_a(7, CONTEXT_SPECIFIC))
         {
         if(obj.length() == 4)
            {
            const uint32_t ip = load_be<uint32_t>(obj.bits(), 0);
            add_attribute("IP", ipv4_to_string(ip));
            }
         }

      }
   }

}

Coverage Report

Created: 2020-10-17 06:46

Line	Count	Source (jump to first uncovered line)
1		/*
2		* AlternativeName
3		* (C) 1999-2007 Jack Lloyd
4		* 2007 Yves Jerschow
5		*
6		* Botan is released under the Simplified BSD License (see license.txt)
7		*/
8
9		#include <botan/asn1_alt_name.h>
10		#include <botan/der_enc.h>
11		#include <botan/ber_dec.h>
12		#include <botan/oids.h>
13		#include <botan/internal/stl_util.h>
14		#include <botan/parsing.h>
15		#include <botan/loadstor.h>
16		#include <botan/x509_dn.h>
17
18		#include <sstream>
19
20		namespace Botan {
21
22		/*
23		* Create an AlternativeName
24		*/
25		AlternativeName::AlternativeName(const std::string& email_addr,
26		const std::string& uri,
27		const std::string& dns,
28		const std::string& ip)
29	34.3k	{
30	34.3k	add_attribute("RFC822", email_addr);
31	34.3k	add_attribute("DNS", dns);
32	34.3k	add_attribute("URI", uri);
33	34.3k	add_attribute("IP", ip);
34	34.3k	}
35
36		/*
37		* Add an attribute to an alternative name
38		*/
39		void AlternativeName::add_attribute(const std::string& type,
40		const std::string& value)
41	156k	{
42	156k	if(type.empty() \|\| value.empty())
43	137k	return;
44	18.3k
45	18.3k	auto range = m_alt_info.equal_range(type);
46	155k	for(auto j = range.first; j != range.second; ++j)
47	141k	if(j->second == value)
48	4.67k	return;
49	18.3k
50	13.6k	multimap_insert(m_alt_info, type, value);
51	13.6k	}
52
53		/*
54		* Add an OtherName field
55		*/
56		void AlternativeName::add_othername(const OID& oid, const std::string& value,
57		ASN1_Tag type)
58	1.46k	{
59	1.46k	if(value.empty())
60	112	return;
61	1.35k	multimap_insert(m_othernames, oid, ASN1_String(value, type));
62	1.35k	}
63
64		/*
65		* Return all of the alternative names
66		*/
67		std::multimap<std::string, std::string> AlternativeName::contents() const
68	958	{
69	958	std::multimap<std::string, std::string> names;
70	958
71	7.06k	for(auto i = m_alt_info.begin(); i != m_alt_info.end(); ++i)
72	6.10k	{
73	6.10k	multimap_insert(names, i->first, i->second);
74	6.10k	}
75	958
76	1.72k	for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
77	771	{
78	771	multimap_insert(names, i->first.to_formatted_string(), i->second.value());
79	771	}
80	958
81	958	return names;
82	958	}
83
84		bool AlternativeName::has_field(const std::string& attr) const
85	0	{
86	0	auto range = m_alt_info.equal_range(attr);
87	0	return (range.first != range.second);
88	0	}
89
90		std::string AlternativeName::get_first_attribute(const std::string& attr) const
91	0	{
92	0	auto i = m_alt_info.lower_bound(attr);
93	0	if(i != m_alt_info.end() && i->first == attr)
94	0	return i->second;
95	0
96	0	return "";
97	0	}
98
99		std::vector<std::string> AlternativeName::get_attribute(const std::string& attr) const
100	0	{
101	0	std::vector<std::string> results;
102	0	auto range = m_alt_info.equal_range(attr);
103	0	for(auto i = range.first; i != range.second; ++i)
104	0	results.push_back(i->second);
105	0	return results;
106	0	}
107
108		X509_DN AlternativeName::dn() const
109	0	{
110	0	X509_DN dn;
111	0	auto range = m_alt_info.equal_range("DN");
112	0
113	0	for(auto i = range.first; i != range.second; ++i)
114	0	{
115	0	std::istringstream strm(i->second);
116	0	strm >> dn;
117	0	}
118	0
119	0	return dn;
120	0	}
121
122		/*
123		* Return if this object has anything useful
124		*/
125		bool AlternativeName::has_items() const
126	0	{
127	0	return (m_alt_info.size() > 0 \|\| m_othernames.size() > 0);
128	0	}
129
130		namespace {
131
132		/*
133		* DER encode an AlternativeName entry
134		*/
135		void encode_entries(DER_Encoder& encoder,
136		const std::multimap<std::string, std::string>& attr,
137		const std::string& type, ASN1_Tag tagging)
138	0	{
139	0	auto range = attr.equal_range(type);
140	0
141	0	for(auto i = range.first; i != range.second; ++i)
142	0	{
143	0	if(type == "RFC822" \|\| type == "DNS" \|\| type == "URI")
144	0	{
145	0	ASN1_String asn1_string(i->second, IA5_STRING);
146	0	encoder.add_object(tagging, CONTEXT_SPECIFIC, asn1_string.value());
147	0	}
148	0	else if(type == "IP")
149	0	{
150	0	const uint32_t ip = string_to_ipv4(i->second);
151	0	uint8_t ip_buf[4] = { 0 };
152	0	store_be(ip, ip_buf);
153	0	encoder.add_object(tagging, CONTEXT_SPECIFIC, ip_buf, 4);
154	0	}
155	0	else if (type == "DN")
156	0	{
157	0	std::stringstream ss(i->second);
158	0	X509_DN dn;
159	0	ss >> dn;
160	0	encoder.encode(dn);
161	0	}
162	0	}
163	0	}
164
165		}
166
167		/*
168		* DER encode an AlternativeName extension
169		*/
170		void AlternativeName::encode_into(DER_Encoder& der) const
171	0	{
172	0	der.start_cons(SEQUENCE);
173	0
174	0	encode_entries(der, m_alt_info, "RFC822", ASN1_Tag(1));
175	0	encode_entries(der, m_alt_info, "DNS", ASN1_Tag(2));
176	0	encode_entries(der, m_alt_info, "DN", ASN1_Tag(4));
177	0	encode_entries(der, m_alt_info, "URI", ASN1_Tag(6));
178	0	encode_entries(der, m_alt_info, "IP", ASN1_Tag(7));
179	0
180	0	for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
181	0	{
182	0	der.start_explicit(0)
183	0	.encode(i->first)
184	0	.start_explicit(0)
185	0	.encode(i->second)
186	0	.end_explicit()
187	0	.end_explicit();
188	0	}
189	0
190	0	der.end_cons();
191	0	}
192
193		/*
194		* Decode a BER encoded AlternativeName
195		*/
196		void AlternativeName::decode_from(BER_Decoder& source)
197	4.61k	{
198	4.61k	BER_Decoder names = source.start_cons(SEQUENCE);
199	4.61k
200		// FIXME this is largely a duplication of GeneralName::decode_from
201	4.61k
202	44.1k	while(names.more_items())
203	39.6k	{
204	39.6k	BER_Object obj = names.get_next_object();
205	39.6k
206	39.6k	if(obj.is_a(0, CONTEXT_SPECIFIC))
207	2.29k	{
208	2.29k	BER_Decoder othername(obj);
209	2.29k
210	2.29k	OID oid;
211	2.29k	othername.decode(oid);
212	2.29k	if(othername.more_items())
213	2.03k	{
214	2.03k	BER_Object othername_value_outer = othername.get_next_object();
215	2.03k	othername.verify_end();
216	2.03k
217	2.03k	if(othername_value_outer.is_a(0, ASN1_Tag(CONTEXT_SPECIFIC \| CONSTRUCTED)) == false)
218	33	throw Decoding_Error("Invalid tags on otherName value");
219	2.00k
220	2.00k	BER_Decoder othername_value_inner(othername_value_outer);
221	2.00k
222	2.00k	BER_Object value = othername_value_inner.get_next_object();
223	2.00k	othername_value_inner.verify_end();
224	2.00k
225	2.00k	if(ASN1_String::is_string_type(value.type()) && value.get_class() == UNIVERSAL)
226	1.46k	{
227	1.46k	add_othername(oid, ASN1::to_string(value), value.type());
228	1.46k	}
229	2.00k	}
230	2.29k	}
231	39.5k	if(obj.is_a(1, CONTEXT_SPECIFIC))
232	6.43k	{
233	6.43k	add_attribute("RFC822", ASN1::to_string(obj));
234	6.43k	}
235	33.1k	else if(obj.is_a(2, CONTEXT_SPECIFIC))
236	2.84k	{
237	2.84k	add_attribute("DNS", ASN1::to_string(obj));
238	2.84k	}
239	30.2k	else if(obj.is_a(6, CONTEXT_SPECIFIC))
240	2.44k	{
241	2.44k	add_attribute("URI", ASN1::to_string(obj));
242	2.44k	}
243	27.8k	else if(obj.is_a(4, ASN1_Tag(CONTEXT_SPECIFIC \| CONSTRUCTED)))
244	4.10k	{
245	4.10k	BER_Decoder dec(obj);
246	4.10k	X509_DN dn;
247	4.10k	std::stringstream ss;
248	4.10k
249	4.10k	dec.decode(dn);
250	4.10k	ss << dn;
251	4.10k
252	4.10k	add_attribute("DN", ss.str());
253	4.10k	}
254	23.7k	else if(obj.is_a(7, CONTEXT_SPECIFIC))
255	4.31k	{
256	4.31k	if(obj.length() == 4)
257	3.99k	{
258	3.99k	const uint32_t ip = load_be<uint32_t>(obj.bits(), 0);
259	3.99k	add_attribute("IP", ipv4_to_string(ip));
260	3.99k	}
261	4.31k	}
262	39.5k
263	39.5k	}
264	4.61k	}
265
266		}