/src/openssl/crypto/x509/x509_obj.c

Source
/*
 * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/buffer.h>
#include "crypto/x509.h"
#include "crypto/ctype.h"

/*
 * Limit to ensure we don't overflow: much greater than
 * anything encountered in practice.
 */

#define NAME_ONELINE_MAX (1024 * 1024)

char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len)
{
    const X509_NAME_ENTRY *ne;
    int i;
    int n, lold, l, l1, l2, num, j, type;
    int prev_set = -1;
    const char *s;
    char *p;
    unsigned char *q;
    BUF_MEM *b = NULL;
    int gs_doit[4];
    char tmp_buf[80];
#ifdef CHARSET_EBCDIC
    unsigned char ebcdic_buf[1024];
#endif

    if (buf == NULL) {
        if ((b = BUF_MEM_new()) == NULL)
            goto buferr;
        if (!BUF_MEM_grow(b, 200))
            goto buferr;
        b->data[0] = '\0';
        len = 200;
    } else if (len == 0) {
        return NULL;
    }
    if (a == NULL) {
        if (b) {
            buf = b->data;
            OPENSSL_free(b);
        }
        strncpy(buf, "NO X509_NAME", len);
        buf[len - 1] = '\0';
        return buf;
    }

    len--; /* space for '\0' */
    l = 0;
    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
        ne = sk_X509_NAME_ENTRY_value(a->entries, i);
        n = OBJ_obj2nid(ne->object);
        if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
            i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
            s = tmp_buf;
        }
        l1 = (int)strlen(s);

        type = ne->value->type;
        num = ne->value->length;
        if (num > NAME_ONELINE_MAX) {
            ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
            goto end;
        }
        q = ne->value->data;
#ifdef CHARSET_EBCDIC
        if (type == V_ASN1_GENERALSTRING || type == V_ASN1_VISIBLESTRING || type == V_ASN1_PRINTABLESTRING || type == V_ASN1_TELETEXSTRING || type == V_ASN1_IA5STRING) {
            if (num > (int)sizeof(ebcdic_buf))
                num = sizeof(ebcdic_buf);
            ascii2ebcdic(ebcdic_buf, q, num);
            q = ebcdic_buf;
        }
#endif

        if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
            for (j = 0; j < num; j++)
                if (q[j] != 0)
                    gs_doit[j & 3] = 1;

            if (gs_doit[0] | gs_doit[1] | gs_doit[2])
                gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
            else {
                gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
                gs_doit[3] = 1;
            }
        } else
            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;

        for (l2 = j = 0; j < num; j++) {
            if (!gs_doit[j & 3])
                continue;
            l2++;
            if (q[j] == '/' || q[j] == '+')
                l2++; /* char needs to be escaped */
            else if ((ossl_toascii(q[j]) < ossl_toascii(' ')) || (ossl_toascii(q[j]) > ossl_toascii('~')))
                l2 += 3;
        }

        lold = l;
        l += 1 + l1 + 1 + l2;
        if (l > NAME_ONELINE_MAX) {
            ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
            goto end;
        }
        if (b != NULL) {
            if (!BUF_MEM_grow(b, l + 1))
                goto buferr;
            p = &(b->data[lold]);
        } else if (l > len) {
            break;
        } else
            p = &(buf[lold]);
        *(p++) = prev_set == ne->set ? '+' : '/';
        memcpy(p, s, (unsigned int)l1);
        p += l1;
        *(p++) = '=';

#ifndef CHARSET_EBCDIC /* q was assigned above already. */
        q = ne->value->data;
#endif

        for (j = 0; j < num; j++) {
            if (!gs_doit[j & 3])
                continue;
#ifndef CHARSET_EBCDIC
            n = q[j];
            if ((n < ' ') || (n > '~')) {
                *(p++) = '\\';
                *(p++) = 'x';
                p += ossl_to_hex(p, n);
            } else {
                if (n == '/' || n == '+')
                    *(p++) = '\\';
                *(p++) = n;
            }
#else
            n = os_toascii[q[j]];
            if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
                *(p++) = '\\';
                *(p++) = 'x';
                p += ossl_to_hex(p, n);
            } else {
                if (n == os_toascii['/'] || n == os_toascii['+'])
                    *(p++) = '\\';
                *(p++) = q[j];
            }
#endif
        }
        *p = '\0';
        prev_set = ne->set;
    }
    if (b != NULL) {
        p = b->data;
        OPENSSL_free(b);
    } else
        p = buf;
    if (i == 0)
        *p = '\0';
    return p;
buferr:
    ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB);
end:
    BUF_MEM_free(b);
    return NULL;
}

Line	Count	Source
1		/*
2		* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "internal/cryptlib.h"
12		#include <openssl/objects.h>
13		#include <openssl/x509.h>
14		#include <openssl/buffer.h>
15		#include "crypto/x509.h"
16		#include "crypto/ctype.h"
17
18		/*
19		* Limit to ensure we don't overflow: much greater than
20		* anything encountered in practice.
21		*/
22
23	0	#define NAME_ONELINE_MAX (1024 * 1024)
24
25		char X509_NAME_oneline(const X509_NAME a, char *buf, int len)
26	0	{
27	0	const X509_NAME_ENTRY *ne;
28	0	int i;
29	0	int n, lold, l, l1, l2, num, j, type;
30	0	int prev_set = -1;
31	0	const char *s;
32	0	char *p;
33	0	unsigned char *q;
34	0	BUF_MEM *b = NULL;
35	0	int gs_doit[4];
36	0	char tmp_buf[80];
37		#ifdef CHARSET_EBCDIC
38		unsigned char ebcdic_buf[1024];
39		#endif
40
41	0	if (buf == NULL) {
42	0	if ((b = BUF_MEM_new()) == NULL)
43	0	goto buferr;
44	0	if (!BUF_MEM_grow(b, 200))
45	0	goto buferr;
46	0	b->data[0] = '\0';
47	0	len = 200;
48	0	} else if (len == 0) {
49	0	return NULL;
50	0	}
51	0	if (a == NULL) {
52	0	if (b) {
53	0	buf = b->data;
54	0	OPENSSL_free(b);
55	0	}
56	0	strncpy(buf, "NO X509_NAME", len);
57	0	buf[len - 1] = '\0';
58	0	return buf;
59	0	}
60
61	0	len--; /* space for '\0' */
62	0	l = 0;
63	0	for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
64	0	ne = sk_X509_NAME_ENTRY_value(a->entries, i);
65	0	n = OBJ_obj2nid(ne->object);
66	0	if ((n == NID_undef) \|\| ((s = OBJ_nid2sn(n)) == NULL)) {
67	0	i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
68	0	s = tmp_buf;
69	0	}
70	0	l1 = (int)strlen(s);
71
72	0	type = ne->value->type;
73	0	num = ne->value->length;
74	0	if (num > NAME_ONELINE_MAX) {
75	0	ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
76	0	goto end;
77	0	}
78	0	q = ne->value->data;
79		#ifdef CHARSET_EBCDIC
80		if (type == V_ASN1_GENERALSTRING \|\| type == V_ASN1_VISIBLESTRING \|\| type == V_ASN1_PRINTABLESTRING \|\| type == V_ASN1_TELETEXSTRING \|\| type == V_ASN1_IA5STRING) {
81		if (num > (int)sizeof(ebcdic_buf))
82		num = sizeof(ebcdic_buf);
83		ascii2ebcdic(ebcdic_buf, q, num);
84		q = ebcdic_buf;
85		}
86		#endif
87
88	0	if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
89	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
90	0	for (j = 0; j < num; j++)
91	0	if (q[j] != 0)
92	0	gs_doit[j & 3] = 1;
93
94	0	if (gs_doit[0] \| gs_doit[1] \| gs_doit[2])
95	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
96	0	else {
97	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
98	0	gs_doit[3] = 1;
99	0	}
100	0	} else
101	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
102
103	0	for (l2 = j = 0; j < num; j++) {
104	0	if (!gs_doit[j & 3])
105	0	continue;
106	0	l2++;
107	0	if (q[j] == '/' \|\| q[j] == '+')
108	0	l2++; /* char needs to be escaped */
109	0	else if ((ossl_toascii(q[j]) < ossl_toascii(' ')) \|\| (ossl_toascii(q[j]) > ossl_toascii('~')))
110	0	l2 += 3;
111	0	}
112
113	0	lold = l;
114	0	l += 1 + l1 + 1 + l2;
115	0	if (l > NAME_ONELINE_MAX) {
116	0	ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
117	0	goto end;
118	0	}
119	0	if (b != NULL) {
120	0	if (!BUF_MEM_grow(b, l + 1))
121	0	goto buferr;
122	0	p = &(b->data[lold]);
123	0	} else if (l > len) {
124	0	break;
125	0	} else
126	0	p = &(buf[lold]);
127	0	*(p++) = prev_set == ne->set ? '+' : '/';
128	0	memcpy(p, s, (unsigned int)l1);
129	0	p += l1;
130	0	*(p++) = '=';
131
132	0	#ifndef CHARSET_EBCDIC /* q was assigned above already. */
133	0	q = ne->value->data;
134	0	#endif
135
136	0	for (j = 0; j < num; j++) {
137	0	if (!gs_doit[j & 3])
138	0	continue;
139	0	#ifndef CHARSET_EBCDIC
140	0	n = q[j];
141	0	if ((n < ' ') \|\| (n > '~')) {
142	0	*(p++) = '\\';
143	0	*(p++) = 'x';
144	0	p += ossl_to_hex(p, n);
145	0	} else {
146	0	if (n == '/' \|\| n == '+')
147	0	*(p++) = '\\';
148	0	*(p++) = n;
149	0	}
150		#else
151		n = os_toascii[q[j]];
152		if ((n < os_toascii[' ']) \|\| (n > os_toascii['~'])) {
153		*(p++) = '\\';
154		*(p++) = 'x';
155		p += ossl_to_hex(p, n);
156		} else {
157		if (n == os_toascii['/'] \|\| n == os_toascii['+'])
158		*(p++) = '\\';
159		*(p++) = q[j];
160		}
161		#endif
162	0	}
163	0	*p = '\0';
164	0	prev_set = ne->set;
165	0	}
166	0	if (b != NULL) {
167	0	p = b->data;
168	0	OPENSSL_free(b);
169	0	} else
170	0	p = buf;
171	0	if (i == 0)
172	0	*p = '\0';
173	0	return p;
174	0	buferr:
175	0	ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB);
176	0	end:
177	0	BUF_MEM_free(b);
178		return NULL;
179	0	}

Coverage Report

Created: 2025-12-10 06:24