/src/botan/src/lib/x509/asn1_alt_name.cpp

Source (jump to first uncovered line)
/*
* AlternativeName
* (C) 1999-2007 Jack Lloyd
*     2007 Yves Jerschow
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/pkix_types.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/oids.h>
#include <botan/internal/stl_util.h>
#include <botan/internal/parsing.h>
#include <botan/internal/loadstor.h>

#include <sstream>

namespace Botan {

/*
* Create an AlternativeName
*/
AlternativeName::AlternativeName(const std::string& email_addr,
                                 const std::string& uri,
                                 const std::string& dns,
                                 const std::string& ip)
   {
   add_attribute("RFC822", email_addr);
   add_attribute("DNS", dns);
   add_attribute("URI", uri);
   add_attribute("IP", ip);
   }

/*
* Add an attribute to an alternative name
*/
void AlternativeName::add_attribute(const std::string& type,
                                    const std::string& value)
   {
   if(type.empty() || value.empty())
      return;

   auto range = m_alt_info.equal_range(type);
   for(auto j = range.first; j != range.second; ++j)
      if(j->second == value)
         return;

   multimap_insert(m_alt_info, type, value);
   }

/*
* Add an OtherName field
*/
void AlternativeName::add_othername(const OID& oid, const std::string& value,
                                    ASN1_Type type)
   {
   if(value.empty())
      return;
   multimap_insert(m_othernames, oid, ASN1_String(value, type));
   }

/*
* Return all of the alternative names
*/
std::multimap<std::string, std::string> AlternativeName::contents() const
   {
   std::multimap<std::string, std::string> names;

   for(const auto& name : m_alt_info)
      {
      multimap_insert(names, name.first, name.second);
      }

   for(const auto& othername : m_othernames)
      {
      multimap_insert(names,
                      othername.first.to_formatted_string(),
                      othername.second.value());
      }

   return names;
   }

bool AlternativeName::has_field(const std::string& attr) const
   {
   auto range = m_alt_info.equal_range(attr);
   return (range.first != range.second);
   }

std::string AlternativeName::get_first_attribute(const std::string& attr) const
   {
   auto i = m_alt_info.lower_bound(attr);
   if(i != m_alt_info.end() && i->first == attr)
      return i->second;

   return "";
   }

std::vector<std::string> AlternativeName::get_attribute(const std::string& attr) const
   {
   std::vector<std::string> results;
   auto range = m_alt_info.equal_range(attr);
   for(auto i = range.first; i != range.second; ++i)
      results.push_back(i->second);
   return results;
   }

X509_DN AlternativeName::dn() const
   {
   X509_DN dn;
   auto range = m_alt_info.equal_range("DN");

   for(auto i = range.first; i != range.second; ++i)
      {
      std::istringstream strm(i->second);
      strm >> dn;
      }

   return dn;
   }

/*
* Return if this object has anything useful
*/
bool AlternativeName::has_items() const
   {
   return (!m_alt_info.empty() || !m_othernames.empty());
   }

namespace {

/*
* DER encode an AlternativeName entry
*/
void encode_entries(DER_Encoder& encoder,
                    const std::multimap<std::string, std::string>& attr,
                    const std::string& type, ASN1_Type tagging)
   {
   auto range = attr.equal_range(type);

   for(auto i = range.first; i != range.second; ++i)
      {
      if(type == "RFC822" || type == "DNS" || type == "URI")
         {
         ASN1_String asn1_string(i->second, ASN1_Type::Ia5String);
         encoder.add_object(tagging, ASN1_Class::ContextSpecific, asn1_string.value());
         }
      else if(type == "IP")
         {
         const uint32_t ip = string_to_ipv4(i->second);
         uint8_t ip_buf[4] = { 0 };
         store_be(ip, ip_buf);
         encoder.add_object(tagging, ASN1_Class::ContextSpecific, ip_buf, 4);
         }
      else if (type == "DN")
         {
         std::stringstream ss(i->second);
         X509_DN dn;
         ss >> dn;
         encoder.encode(dn);
         }
      }
   }

}

/*
* DER encode an AlternativeName extension
*/
void AlternativeName::encode_into(DER_Encoder& der) const
   {
   der.start_sequence();

   encode_entries(der, m_alt_info, "RFC822", ASN1_Type(1));
   encode_entries(der, m_alt_info, "DNS", ASN1_Type(2));
   encode_entries(der, m_alt_info, "DN", ASN1_Type(4));
   encode_entries(der, m_alt_info, "URI", ASN1_Type(6));
   encode_entries(der, m_alt_info, "IP", ASN1_Type(7));

   for(const auto& othername : m_othernames)
      {
      der.start_explicit(0)
         .encode(othername.first)
         .start_explicit(0)
            .encode(othername.second)
         .end_explicit()
      .end_explicit();
      }

   der.end_cons();
   }

/*
* Decode a BER encoded AlternativeName
*/
void AlternativeName::decode_from(BER_Decoder& source)
   {
   BER_Decoder names = source.start_sequence();

   // FIXME this is largely a duplication of GeneralName::decode_from

   while(names.more_items())
      {
      BER_Object obj = names.get_next_object();

      if(obj.is_a(0, ASN1_Class::ContextSpecific))
         {
         BER_Decoder othername(obj);

         OID oid;
         othername.decode(oid);
         if(othername.more_items())
            {
            BER_Object othername_value_outer = othername.get_next_object();
            othername.verify_end();

            if(othername_value_outer.is_a(0, ASN1_Class::ExplicitContextSpecific) == false)
               throw Decoding_Error("Invalid tags on otherName value");

            BER_Decoder othername_value_inner(othername_value_outer);

            BER_Object value = othername_value_inner.get_next_object();
            othername_value_inner.verify_end();

            if(ASN1_String::is_string_type(value.type()) && value.get_class() == ASN1_Class::Universal)
               {
               add_othername(oid, ASN1::to_string(value), value.type());
               }
            }
         }
      if(obj.is_a(1, ASN1_Class::ContextSpecific))
         {
         add_attribute("RFC822", ASN1::to_string(obj));
         }
      else if(obj.is_a(2, ASN1_Class::ContextSpecific))
         {
         add_attribute("DNS", ASN1::to_string(obj));
         }
      else if(obj.is_a(6, ASN1_Class::ContextSpecific))
         {
         add_attribute("URI", ASN1::to_string(obj));
         }
      else if(obj.is_a(4, ASN1_Class::ContextSpecific | ASN1_Class::Constructed))
         {
         BER_Decoder dec(obj);
         X509_DN dn;
         std::stringstream ss;

         dec.decode(dn);
         ss << dn;

         add_attribute("DN", ss.str());
         }
      else if(obj.is_a(7, ASN1_Class::ContextSpecific))
         {
         if(obj.length() == 4)
            {
            const uint32_t ip = load_be<uint32_t>(obj.bits(), 0);
            add_attribute("IP", ipv4_to_string(ip));
            }
         }

      }
   }

}

Coverage Report

Created: 2022-06-23 06:44

Line	Count	Source (jump to first uncovered line)
1		/*
2		* AlternativeName
3		* (C) 1999-2007 Jack Lloyd
4		* 2007 Yves Jerschow
5		*
6		* Botan is released under the Simplified BSD License (see license.txt)
7		*/
8
9		#include <botan/pkix_types.h>
10		#include <botan/der_enc.h>
11		#include <botan/ber_dec.h>
12		#include <botan/oids.h>
13		#include <botan/internal/stl_util.h>
14		#include <botan/internal/parsing.h>
15		#include <botan/internal/loadstor.h>
16
17		#include <sstream>
18
19		namespace Botan {
20
21		/*
22		* Create an AlternativeName
23		*/
24		AlternativeName::AlternativeName(const std::string& email_addr,
25		const std::string& uri,
26		const std::string& dns,
27		const std::string& ip)
28	34.1k	{
29	34.1k	add_attribute("RFC822", email_addr);
30	34.1k	add_attribute("DNS", dns);
31	34.1k	add_attribute("URI", uri);
32	34.1k	add_attribute("IP", ip);
33	34.1k	}
34
35		/*
36		* Add an attribute to an alternative name
37		*/
38		void AlternativeName::add_attribute(const std::string& type,
39		const std::string& value)
40	160k	{
41	160k	if(type.empty() \|\| value.empty())
42	141k	return;
43
44	19.5k	auto range = m_alt_info.equal_range(type);
45	119k	for(auto j = range.first; j != range.second; ++j)
46	105k	if(j->second == value)
47	5.34k	return;
48
49	14.1k	multimap_insert(m_alt_info, type, value);
50	14.1k	}
51
52		/*
53		* Add an OtherName field
54		*/
55		void AlternativeName::add_othername(const OID& oid, const std::string& value,
56		ASN1_Type type)
57	2.92k	{
58	2.92k	if(value.empty())
59	188	return;
60	2.73k	multimap_insert(m_othernames, oid, ASN1_String(value, type));
61	2.73k	}
62
63		/*
64		* Return all of the alternative names
65		*/
66		std::multimap<std::string, std::string> AlternativeName::contents() const
67	655	{
68	655	std::multimap<std::string, std::string> names;
69
70	655	for(const auto& name : m_alt_info)
71	2.26k	{
72	2.26k	multimap_insert(names, name.first, name.second);
73	2.26k	}
74
75	655	for(const auto& othername : m_othernames)
76	900	{
77	900	multimap_insert(names,
78	900	othername.first.to_formatted_string(),
79	900	othername.second.value());
80	900	}
81
82	655	return names;
83	655	}
84
85		bool AlternativeName::has_field(const std::string& attr) const
86	0	{
87	0	auto range = m_alt_info.equal_range(attr);
88	0	return (range.first != range.second);
89	0	}
90
91		std::string AlternativeName::get_first_attribute(const std::string& attr) const
92	0	{
93	0	auto i = m_alt_info.lower_bound(attr);
94	0	if(i != m_alt_info.end() && i->first == attr)
95	0	return i->second;
96
97	0	return "";
98	0	}
99
100		std::vector<std::string> AlternativeName::get_attribute(const std::string& attr) const
101	0	{
102	0	std::vector<std::string> results;
103	0	auto range = m_alt_info.equal_range(attr);
104	0	for(auto i = range.first; i != range.second; ++i)
105	0	results.push_back(i->second);
106	0	return results;
107	0	}
108
109		X509_DN AlternativeName::dn() const
110	0	{
111	0	X509_DN dn;
112	0	auto range = m_alt_info.equal_range("DN");
113
114	0	for(auto i = range.first; i != range.second; ++i)
115	0	{
116	0	std::istringstream strm(i->second);
117	0	strm >> dn;
118	0	}
119
120	0	return dn;
121	0	}
122
123		/*
124		* Return if this object has anything useful
125		*/
126		bool AlternativeName::has_items() const
127	0	{
128	0	return (!m_alt_info.empty() \|\| !m_othernames.empty());
129	0	}
130
131		namespace {
132
133		/*
134		* DER encode an AlternativeName entry
135		*/
136		void encode_entries(DER_Encoder& encoder,
137		const std::multimap<std::string, std::string>& attr,
138		const std::string& type, ASN1_Type tagging)
139	0	{
140	0	auto range = attr.equal_range(type);
141
142	0	for(auto i = range.first; i != range.second; ++i)
143	0	{
144	0	if(type == "RFC822" \|\| type == "DNS" \|\| type == "URI")
145	0	{
146	0	ASN1_String asn1_string(i->second, ASN1_Type::Ia5String);
147	0	encoder.add_object(tagging, ASN1_Class::ContextSpecific, asn1_string.value());
148	0	}
149	0	else if(type == "IP")
150	0	{
151	0	const uint32_t ip = string_to_ipv4(i->second);
152	0	uint8_t ip_buf[4] = { 0 };
153	0	store_be(ip, ip_buf);
154	0	encoder.add_object(tagging, ASN1_Class::ContextSpecific, ip_buf, 4);
155	0	}
156	0	else if (type == "DN")
157	0	{
158	0	std::stringstream ss(i->second);
159	0	X509_DN dn;
160	0	ss >> dn;
161	0	encoder.encode(dn);
162	0	}
163	0	}
164	0	}
165
166		}
167
168		/*
169		* DER encode an AlternativeName extension
170		*/
171		void AlternativeName::encode_into(DER_Encoder& der) const
172	0	{
173	0	der.start_sequence();
174
175	0	encode_entries(der, m_alt_info, "RFC822", ASN1_Type(1));
176	0	encode_entries(der, m_alt_info, "DNS", ASN1_Type(2));
177	0	encode_entries(der, m_alt_info, "DN", ASN1_Type(4));
178	0	encode_entries(der, m_alt_info, "URI", ASN1_Type(6));
179	0	encode_entries(der, m_alt_info, "IP", ASN1_Type(7));
180
181	0	for(const auto& othername : m_othernames)
182	0	{
183	0	der.start_explicit(0)
184	0	.encode(othername.first)
185	0	.start_explicit(0)
186	0	.encode(othername.second)
187	0	.end_explicit()
188	0	.end_explicit();
189	0	}
190
191	0	der.end_cons();
192	0	}
193
194		/*
195		* Decode a BER encoded AlternativeName
196		*/
197		void AlternativeName::decode_from(BER_Decoder& source)
198	5.27k	{
199	5.27k	BER_Decoder names = source.start_sequence();
200
201		// FIXME this is largely a duplication of GeneralName::decode_from
202
203	56.2k	while(names.more_items())
204	50.9k	{
205	50.9k	BER_Object obj = names.get_next_object();
206
207	50.9k	if(obj.is_a(0, ASN1_Class::ContextSpecific))
208	4.55k	{
209	4.55k	BER_Decoder othername(obj);
210
211	4.55k	OID oid;
212	4.55k	othername.decode(oid);
213	4.55k	if(othername.more_items())
214	4.09k	{
215	4.09k	BER_Object othername_value_outer = othername.get_next_object();
216	4.09k	othername.verify_end();
217
218	4.09k	if(othername_value_outer.is_a(0, ASN1_Class::ExplicitContextSpecific) == false)
219	45	throw Decoding_Error("Invalid tags on otherName value");
220
221	4.04k	BER_Decoder othername_value_inner(othername_value_outer);
222
223	4.04k	BER_Object value = othername_value_inner.get_next_object();
224	4.04k	othername_value_inner.verify_end();
225
226	4.04k	if(ASN1_String::is_string_type(value.type()) && value.get_class() == ASN1_Class::Universal)
227	2.92k	{
228	2.92k	add_othername(oid, ASN1::to_string(value), value.type());
229	2.92k	}
230	4.04k	}
231	4.55k	}
232	50.9k	if(obj.is_a(1, ASN1_Class::ContextSpecific))
233	9.28k	{
234	9.28k	add_attribute("RFC822", ASN1::to_string(obj));
235	9.28k	}
236	41.6k	else if(obj.is_a(2, ASN1_Class::ContextSpecific))
237	5.23k	{
238	5.23k	add_attribute("DNS", ASN1::to_string(obj));
239	5.23k	}
240	36.4k	else if(obj.is_a(6, ASN1_Class::ContextSpecific))
241	3.45k	{
242	3.45k	add_attribute("URI", ASN1::to_string(obj));
243	3.45k	}
244	32.9k	else if(obj.is_a(4, ASN1_Class::ContextSpecific \| ASN1_Class::Constructed))
245	4.33k	{
246	4.33k	BER_Decoder dec(obj);
247	4.33k	X509_DN dn;
248	4.33k	std::stringstream ss;
249
250	4.33k	dec.decode(dn);
251	4.33k	ss << dn;
252
253	4.33k	add_attribute("DN", ss.str());
254	4.33k	}
255	28.6k	else if(obj.is_a(7, ASN1_Class::ContextSpecific))
256	4.27k	{
257	4.27k	if(obj.length() == 4)
258	2.73k	{
259	2.73k	const uint32_t ip = load_be<uint32_t>(obj.bits(), 0);
260	2.73k	add_attribute("IP", ipv4_to_string(ip));
261	2.73k	}
262	4.27k	}
263
264	50.9k	}
265	5.27k	}
266
267		}