/src/botan/src/lib/x509/asn1_alt_name.cpp

Source (jump to first uncovered line)
/*
* AlternativeName
* (C) 1999-2007 Jack Lloyd
*     2007 Yves Jerschow
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/pkix_types.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/oids.h>
#include <botan/internal/stl_util.h>
#include <botan/internal/parsing.h>
#include <botan/internal/loadstor.h>

#include <sstream>

namespace Botan {

/*
* Create an AlternativeName
*/
AlternativeName::AlternativeName(const std::string& email_addr,
                                 const std::string& uri,
                                 const std::string& dns,
                                 const std::string& ip)
   {
   add_attribute("RFC822", email_addr);
   add_attribute("DNS", dns);
   add_attribute("URI", uri);
   add_attribute("IP", ip);
   }

/*
* Add an attribute to an alternative name
*/
void AlternativeName::add_attribute(const std::string& type,
                                    const std::string& value)
   {
   if(type.empty() || value.empty())
      return;

   auto range = m_alt_info.equal_range(type);
   for(auto j = range.first; j != range.second; ++j)
      if(j->second == value)
         return;

   multimap_insert(m_alt_info, type, value);
   }

/*
* Add an OtherName field
*/
void AlternativeName::add_othername(const OID& oid, const std::string& value,
                                    ASN1_Type type)
   {
   if(value.empty())
      return;
   multimap_insert(m_othernames, oid, ASN1_String(value, type));
   }

/*
* Return all of the alternative names
*/
std::multimap<std::string, std::string> AlternativeName::contents() const
   {
   std::multimap<std::string, std::string> names;

   for(auto i = m_alt_info.begin(); i != m_alt_info.end(); ++i)
      {
      multimap_insert(names, i->first, i->second);
      }

   for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
      {
      multimap_insert(names, i->first.to_formatted_string(), i->second.value());
      }

   return names;
   }

bool AlternativeName::has_field(const std::string& attr) const
   {
   auto range = m_alt_info.equal_range(attr);
   return (range.first != range.second);
   }

std::string AlternativeName::get_first_attribute(const std::string& attr) const
   {
   auto i = m_alt_info.lower_bound(attr);
   if(i != m_alt_info.end() && i->first == attr)
      return i->second;

   return "";
   }

std::vector<std::string> AlternativeName::get_attribute(const std::string& attr) const
   {
   std::vector<std::string> results;
   auto range = m_alt_info.equal_range(attr);
   for(auto i = range.first; i != range.second; ++i)
      results.push_back(i->second);
   return results;
   }

X509_DN AlternativeName::dn() const
   {
   X509_DN dn;
   auto range = m_alt_info.equal_range("DN");

   for(auto i = range.first; i != range.second; ++i)
      {
      std::istringstream strm(i->second);
      strm >> dn;
      }

   return dn;
   }

/*
* Return if this object has anything useful
*/
bool AlternativeName::has_items() const
   {
   return (m_alt_info.size() > 0 || m_othernames.size() > 0);
   }

namespace {

/*
* DER encode an AlternativeName entry
*/
void encode_entries(DER_Encoder& encoder,
                    const std::multimap<std::string, std::string>& attr,
                    const std::string& type, ASN1_Type tagging)
   {
   auto range = attr.equal_range(type);

   for(auto i = range.first; i != range.second; ++i)
      {
      if(type == "RFC822" || type == "DNS" || type == "URI")
         {
         ASN1_String asn1_string(i->second, ASN1_Type::Ia5String);
         encoder.add_object(tagging, ASN1_Class::ContextSpecific, asn1_string.value());
         }
      else if(type == "IP")
         {
         const uint32_t ip = string_to_ipv4(i->second);
         uint8_t ip_buf[4] = { 0 };
         store_be(ip, ip_buf);
         encoder.add_object(tagging, ASN1_Class::ContextSpecific, ip_buf, 4);
         }
      else if (type == "DN")
         {
         std::stringstream ss(i->second);
         X509_DN dn;
         ss >> dn;
         encoder.encode(dn);
         }
      }
   }

}

/*
* DER encode an AlternativeName extension
*/
void AlternativeName::encode_into(DER_Encoder& der) const
   {
   der.start_sequence();

   encode_entries(der, m_alt_info, "RFC822", ASN1_Type(1));
   encode_entries(der, m_alt_info, "DNS", ASN1_Type(2));
   encode_entries(der, m_alt_info, "DN", ASN1_Type(4));
   encode_entries(der, m_alt_info, "URI", ASN1_Type(6));
   encode_entries(der, m_alt_info, "IP", ASN1_Type(7));

   for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
      {
      der.start_explicit(0)
         .encode(i->first)
         .start_explicit(0)
            .encode(i->second)
         .end_explicit()
      .end_explicit();
      }

   der.end_cons();
   }

/*
* Decode a BER encoded AlternativeName
*/
void AlternativeName::decode_from(BER_Decoder& source)
   {
   BER_Decoder names = source.start_sequence();

   // FIXME this is largely a duplication of GeneralName::decode_from

   while(names.more_items())
      {
      BER_Object obj = names.get_next_object();

      if(obj.is_a(0, ASN1_Class::ContextSpecific))
         {
         BER_Decoder othername(obj);

         OID oid;
         othername.decode(oid);
         if(othername.more_items())
            {
            BER_Object othername_value_outer = othername.get_next_object();
            othername.verify_end();

            if(othername_value_outer.is_a(0, ASN1_Class::ExplicitContextSpecific) == false)
               throw Decoding_Error("Invalid tags on otherName value");

            BER_Decoder othername_value_inner(othername_value_outer);

            BER_Object value = othername_value_inner.get_next_object();
            othername_value_inner.verify_end();

            if(ASN1_String::is_string_type(value.type()) && value.get_class() == ASN1_Class::Universal)
               {
               add_othername(oid, ASN1::to_string(value), value.type());
               }
            }
         }
      if(obj.is_a(1, ASN1_Class::ContextSpecific))
         {
         add_attribute("RFC822", ASN1::to_string(obj));
         }
      else if(obj.is_a(2, ASN1_Class::ContextSpecific))
         {
         add_attribute("DNS", ASN1::to_string(obj));
         }
      else if(obj.is_a(6, ASN1_Class::ContextSpecific))
         {
         add_attribute("URI", ASN1::to_string(obj));
         }
      else if(obj.is_a(4, ASN1_Class::ContextSpecific | ASN1_Class::Constructed))
         {
         BER_Decoder dec(obj);
         X509_DN dn;
         std::stringstream ss;

         dec.decode(dn);
         ss << dn;

         add_attribute("DN", ss.str());
         }
      else if(obj.is_a(7, ASN1_Class::ContextSpecific))
         {
         if(obj.length() == 4)
            {
            const uint32_t ip = load_be<uint32_t>(obj.bits(), 0);
            add_attribute("IP", ipv4_to_string(ip));
            }
         }

      }
   }

}

Coverage Report

Created: 2021-02-21 07:20

Line	Count	Source (jump to first uncovered line)
1		/*
2		* AlternativeName
3		* (C) 1999-2007 Jack Lloyd
4		* 2007 Yves Jerschow
5		*
6		* Botan is released under the Simplified BSD License (see license.txt)
7		*/
8
9		#include <botan/pkix_types.h>
10		#include <botan/der_enc.h>
11		#include <botan/ber_dec.h>
12		#include <botan/oids.h>
13		#include <botan/internal/stl_util.h>
14		#include <botan/internal/parsing.h>
15		#include <botan/internal/loadstor.h>
16
17		#include <sstream>
18
19		namespace Botan {
20
21		/*
22		* Create an AlternativeName
23		*/
24		AlternativeName::AlternativeName(const std::string& email_addr,
25		const std::string& uri,
26		const std::string& dns,
27		const std::string& ip)
28	39.3k	{
29	39.3k	add_attribute("RFC822", email_addr);
30	39.3k	add_attribute("DNS", dns);
31	39.3k	add_attribute("URI", uri);
32	39.3k	add_attribute("IP", ip);
33	39.3k	}
34
35		/*
36		* Add an attribute to an alternative name
37		*/
38		void AlternativeName::add_attribute(const std::string& type,
39		const std::string& value)
40	180k	{
41	180k	if(type.empty() \|\| value.empty())
42	159k	return;
43
44	20.8k	auto range = m_alt_info.equal_range(type);
45	204k	for(auto j = range.first; j != range.second; ++j)
46	190k	if(j->second == value)
47	6.79k	return;
48
49	14.0k	multimap_insert(m_alt_info, type, value);
50	14.0k	}
51
52		/*
53		* Add an OtherName field
54		*/
55		void AlternativeName::add_othername(const OID& oid, const std::string& value,
56		ASN1_Type type)
57	3.11k	{
58	3.11k	if(value.empty())
59	101	return;
60	3.01k	multimap_insert(m_othernames, oid, ASN1_String(value, type));
61	3.01k	}
62
63		/*
64		* Return all of the alternative names
65		*/
66		std::multimap<std::string, std::string> AlternativeName::contents() const
67	589	{
68	589	std::multimap<std::string, std::string> names;
69
70	2.74k	for(auto i = m_alt_info.begin(); i != m_alt_info.end(); ++i)
71	2.15k	{
72	2.15k	multimap_insert(names, i->first, i->second);
73	2.15k	}
74
75	1.39k	for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
76	801	{
77	801	multimap_insert(names, i->first.to_formatted_string(), i->second.value());
78	801	}
79
80	589	return names;
81	589	}
82
83		bool AlternativeName::has_field(const std::string& attr) const
84	0	{
85	0	auto range = m_alt_info.equal_range(attr);
86	0	return (range.first != range.second);
87	0	}
88
89		std::string AlternativeName::get_first_attribute(const std::string& attr) const
90	0	{
91	0	auto i = m_alt_info.lower_bound(attr);
92	0	if(i != m_alt_info.end() && i->first == attr)
93	0	return i->second;
94
95	0	return "";
96	0	}
97
98		std::vector<std::string> AlternativeName::get_attribute(const std::string& attr) const
99	0	{
100	0	std::vector<std::string> results;
101	0	auto range = m_alt_info.equal_range(attr);
102	0	for(auto i = range.first; i != range.second; ++i)
103	0	results.push_back(i->second);
104	0	return results;
105	0	}
106
107		X509_DN AlternativeName::dn() const
108	0	{
109	0	X509_DN dn;
110	0	auto range = m_alt_info.equal_range("DN");
111
112	0	for(auto i = range.first; i != range.second; ++i)
113	0	{
114	0	std::istringstream strm(i->second);
115	0	strm >> dn;
116	0	}
117
118	0	return dn;
119	0	}
120
121		/*
122		* Return if this object has anything useful
123		*/
124		bool AlternativeName::has_items() const
125	0	{
126	0	return (m_alt_info.size() > 0 \|\| m_othernames.size() > 0);
127	0	}
128
129		namespace {
130
131		/*
132		* DER encode an AlternativeName entry
133		*/
134		void encode_entries(DER_Encoder& encoder,
135		const std::multimap<std::string, std::string>& attr,
136		const std::string& type, ASN1_Type tagging)
137	0	{
138	0	auto range = attr.equal_range(type);
139
140	0	for(auto i = range.first; i != range.second; ++i)
141	0	{
142	0	if(type == "RFC822" \|\| type == "DNS" \|\| type == "URI")
143	0	{
144	0	ASN1_String asn1_string(i->second, ASN1_Type::Ia5String);
145	0	encoder.add_object(tagging, ASN1_Class::ContextSpecific, asn1_string.value());
146	0	}
147	0	else if(type == "IP")
148	0	{
149	0	const uint32_t ip = string_to_ipv4(i->second);
150	0	uint8_t ip_buf[4] = { 0 };
151	0	store_be(ip, ip_buf);
152	0	encoder.add_object(tagging, ASN1_Class::ContextSpecific, ip_buf, 4);
153	0	}
154	0	else if (type == "DN")
155	0	{
156	0	std::stringstream ss(i->second);
157	0	X509_DN dn;
158	0	ss >> dn;
159	0	encoder.encode(dn);
160	0	}
161	0	}
162	0	}
163
164		}
165
166		/*
167		* DER encode an AlternativeName extension
168		*/
169		void AlternativeName::encode_into(DER_Encoder& der) const
170	0	{
171	0	der.start_sequence();
172
173	0	encode_entries(der, m_alt_info, "RFC822", ASN1_Type(1));
174	0	encode_entries(der, m_alt_info, "DNS", ASN1_Type(2));
175	0	encode_entries(der, m_alt_info, "DN", ASN1_Type(4));
176	0	encode_entries(der, m_alt_info, "URI", ASN1_Type(6));
177	0	encode_entries(der, m_alt_info, "IP", ASN1_Type(7));
178
179	0	for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
180	0	{
181	0	der.start_explicit(0)
182	0	.encode(i->first)
183	0	.start_explicit(0)
184	0	.encode(i->second)
185	0	.end_explicit()
186	0	.end_explicit();
187	0	}
188
189	0	der.end_cons();
190	0	}
191
192		/*
193		* Decode a BER encoded AlternativeName
194		*/
195		void AlternativeName::decode_from(BER_Decoder& source)
196	4.51k	{
197	4.51k	BER_Decoder names = source.start_sequence();
198
199		// FIXME this is largely a duplication of GeneralName::decode_from
200
201	56.3k	while(names.more_items())
202	51.8k	{
203	51.8k	BER_Object obj = names.get_next_object();
204
205	51.8k	if(obj.is_a(0, ASN1_Class::ContextSpecific))
206	4.29k	{
207	4.29k	BER_Decoder othername(obj);
208
209	4.29k	OID oid;
210	4.29k	othername.decode(oid);
211	4.29k	if(othername.more_items())
212	3.93k	{
213	3.93k	BER_Object othername_value_outer = othername.get_next_object();
214	3.93k	othername.verify_end();
215
216	3.93k	if(othername_value_outer.is_a(0, ASN1_Class::ExplicitContextSpecific) == false)
217	44	throw Decoding_Error("Invalid tags on otherName value");
218
219	3.89k	BER_Decoder othername_value_inner(othername_value_outer);
220
221	3.89k	BER_Object value = othername_value_inner.get_next_object();
222	3.89k	othername_value_inner.verify_end();
223
224	3.89k	if(ASN1_String::is_string_type(value.type()) && value.get_class() == ASN1_Class::Universal)
225	3.11k	{
226	3.11k	add_othername(oid, ASN1::to_string(value), value.type());
227	3.11k	}
228	3.89k	}
229	4.29k	}
230	51.8k	if(obj.is_a(1, ASN1_Class::ContextSpecific))
231	8.16k	{
232	8.16k	add_attribute("RFC822", ASN1::to_string(obj));
233	8.16k	}
234	43.6k	else if(obj.is_a(2, ASN1_Class::ContextSpecific))
235	2.58k	{
236	2.58k	add_attribute("DNS", ASN1::to_string(obj));
237	2.58k	}
238	41.0k	else if(obj.is_a(6, ASN1_Class::ContextSpecific))
239	3.41k	{
240	3.41k	add_attribute("URI", ASN1::to_string(obj));
241	3.41k	}
242	37.6k	else if(obj.is_a(4, ASN1_Class::ContextSpecific \| ASN1_Class::Constructed))
243	4.12k	{
244	4.12k	BER_Decoder dec(obj);
245	4.12k	X509_DN dn;
246	4.12k	std::stringstream ss;
247
248	4.12k	dec.decode(dn);
249	4.12k	ss << dn;
250
251	4.12k	add_attribute("DN", ss.str());
252	4.12k	}
253	33.5k	else if(obj.is_a(7, ASN1_Class::ContextSpecific))
254	5.45k	{
255	5.45k	if(obj.length() == 4)
256	5.07k	{
257	5.07k	const uint32_t ip = load_be<uint32_t>(obj.bits(), 0);
258	5.07k	add_attribute("IP", ipv4_to_string(ip));
259	5.07k	}
260	5.45k	}
261
262	51.8k	}
263	4.51k	}
264
265		}