/* $OpenBSD: x509_utl.c,v 1.3 2022/05/20 07:58:54 tb Exp $ */

/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

 * project.

 */

/* ====================================================================

 * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer.

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. All advertising materials mentioning features or use of this

 *    software must display the following acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

 *

 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

 *    endorse or promote products derived from this software without

 *    prior written permission. For written permission, please contact

 *    licensing@OpenSSL.org.

 *

 * 5. Products derived from this software may not be called "OpenSSL"

 *    nor may "OpenSSL" appear in their names without prior written

 *    permission of the OpenSSL Project.

 *

 * 6. Redistributions of any form whatsoever must retain the following

 *    acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

 *

 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

 * OF THE POSSIBILITY OF SUCH DAMAGE.

 * ====================================================================

 *

 * This product includes cryptographic software written by Eric Young

 * (eay@cryptsoft.com).  This product includes software written by Tim

 * Hudson (tjh@cryptsoft.com).

 *

 */

/* X509 v3 extension utilities */

#include <ctype.h>

#include <stdio.h>

#include <string.h>

#include <openssl/bn.h>

#include <openssl/conf.h>

#include <openssl/err.h>

#include <openssl/x509v3.h>

char *bn_to_string(const BIGNUM *bn);

static char *strip_spaces(char *name);

static int sk_strcmp(const char * const *a, const char * const *b);

static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,

    GENERAL_NAMES *gens);

static void str_free(OPENSSL_STRING str);

static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email);

static int ipv4_from_asc(unsigned char *v4, const char *in);

static int ipv6_from_asc(unsigned char *v6, const char *in);

static int ipv6_cb(const char *elem, int len, void *usr);

static int ipv6_hex(unsigned char *out, const char *in, int inlen);

/* Add a CONF_VALUE name-value pair to stack. */

int

X509V3_add_value(const char *name, const char *value,

    STACK_OF(CONF_VALUE) **extlist)

{

  CONF_VALUE *vtmp = NULL;

  STACK_OF(CONF_VALUE) *free_exts = NULL;

  if ((vtmp = calloc(1, sizeof(CONF_VALUE))) == NULL)

    goto err;

  if (name != NULL) {

    if ((vtmp->name = strdup(name)) == NULL)

      goto err;

  }

  if (value != NULL) {

    if ((vtmp->value = strdup(value)) == NULL)

      goto err;

  }

  if (*extlist == NULL) {

    if ((free_exts = *extlist = sk_CONF_VALUE_new_null()) == NULL)

      goto err;

  }

  if (!sk_CONF_VALUE_push(*extlist, vtmp))

    goto err;

  return 1;

 err:

  X509V3error(ERR_R_MALLOC_FAILURE);

  X509V3_conf_free(vtmp);

  if (free_exts != NULL) {

    sk_CONF_VALUE_free(*extlist);

    *extlist = NULL;

  }

  return 0;

}

int

X509V3_add_value_uchar(const char *name, const unsigned char *value,

    STACK_OF(CONF_VALUE) **extlist)

{

  return X509V3_add_value(name, (const char *)value, extlist);

}

/* Free function for STACK_OF(CONF_VALUE) */

void

X509V3_conf_free(CONF_VALUE *conf)

{

  if (!conf)

    return;

  free(conf->name);

  free(conf->value);

  free(conf->section);

  free(conf);

}

int

X509V3_add_value_bool(const char *name, int asn1_bool,

    STACK_OF(CONF_VALUE) **extlist)

{

  if (asn1_bool)

    return X509V3_add_value(name, "TRUE", extlist);

  return X509V3_add_value(name, "FALSE", extlist);

}

int

X509V3_add_value_bool_nf(const char *name, int asn1_bool,

    STACK_OF(CONF_VALUE) **extlist)

{

  if (asn1_bool)

    return X509V3_add_value(name, "TRUE", extlist);

  return 1;

}

char *

bn_to_string(const BIGNUM *bn)

{

  const char *sign = "";

  char *bnstr, *hex;

  char *ret = NULL;

  /* Only display small numbers in decimal, as conversion is quadratic. */

  if (BN_num_bits(bn) < 128)

    return BN_bn2dec(bn);

  if ((hex = bnstr = BN_bn2hex(bn)) == NULL)

    goto err;

  if (BN_is_negative(bn)) {

    sign = "-";

    hex++;

  }

  if (asprintf(&ret, "%s0x%s", sign, hex) == -1)

    ret = NULL;

 err:

  free(bnstr);

  return ret;

}

char *

i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *a)

{

  BIGNUM *bntmp;

  char *strtmp = NULL;

  if (a == NULL)

    return NULL;

  if ((bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) == NULL ||

      (strtmp = bn_to_string(bntmp)) == NULL)

    X509V3error(ERR_R_MALLOC_FAILURE);

  BN_free(bntmp);

  return strtmp;

}

char *

i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, const ASN1_INTEGER *a)

{

  BIGNUM *bntmp;

  char *strtmp = NULL;

  if (a == NULL)

    return NULL;

  if ((bntmp = ASN1_INTEGER_to_BN(a, NULL)) == NULL ||

      (strtmp = bn_to_string(bntmp)) == NULL)

    X509V3error(ERR_R_MALLOC_FAILURE);

  BN_free(bntmp);

  return strtmp;

}

ASN1_INTEGER *

s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, const char *value)

{

  BIGNUM *bn = NULL;

  ASN1_INTEGER *aint;

  int isneg, ishex;

  int ret;

  if (!value) {

    X509V3error(X509V3_R_INVALID_NULL_VALUE);

    return 0;

  }

  bn = BN_new();

  if (value[0] == '-') {

    value++;

    isneg = 1;

  } else

    isneg = 0;

  if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) {

    value += 2;

    ishex = 1;

  } else

    ishex = 0;

  if (ishex)

    ret = BN_hex2bn(&bn, value);

  else

    ret = BN_dec2bn(&bn, value);

  if (!ret || value[ret]) {

    BN_free(bn);

    X509V3error(X509V3_R_BN_DEC2BN_ERROR);

    return 0;

  }

  if (isneg && BN_is_zero(bn))

    isneg = 0;

  aint = BN_to_ASN1_INTEGER(bn, NULL);

  BN_free(bn);

  if (!aint) {

    X509V3error(X509V3_R_BN_TO_ASN1_INTEGER_ERROR);

    return 0;

  }

  if (isneg)

    aint->type |= V_ASN1_NEG;

  return aint;

}

int

X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,

    STACK_OF(CONF_VALUE) **extlist)

{

  char *strtmp;

  int ret;

  if (!aint)

    return 1;

  if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint)))

    return 0;

  ret = X509V3_add_value(name, strtmp, extlist);

  free(strtmp);

  return ret;

}

int

X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool)

{

  char *btmp;

  if (!(btmp = value->value))

    goto err;

  if (!strcmp(btmp, "TRUE") || !strcmp(btmp, "true") ||

      !strcmp(btmp, "Y") || !strcmp(btmp, "y") ||

      !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {

    *asn1_bool = 0xff;

    return 1;

  } else if (!strcmp(btmp, "FALSE") || !strcmp(btmp, "false") ||

      !strcmp(btmp, "N") || !strcmp(btmp, "n") ||

      !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {

    *asn1_bool = 0;

    return 1;

  }

 err:

  X509V3error(X509V3_R_INVALID_BOOLEAN_STRING);

  X509V3_conf_err(value);

  return 0;

}

int

X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint)

{

  ASN1_INTEGER *itmp;

  if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {

    X509V3_conf_err(value);

    return 0;

  }

  *aint = itmp;

  return 1;

}

#define HDR_NAME  1

#define HDR_VALUE 2

/*#define DEBUG*/

STACK_OF(CONF_VALUE) *

X509V3_parse_list(const char *line)

{

  char *p, *q, c;

  char *ntmp, *vtmp;

  STACK_OF(CONF_VALUE) *values = NULL;

  char *linebuf;

  int state;

  /* We are going to modify the line so copy it first */

  if ((linebuf = strdup(line)) == NULL) {

    X509V3error(ERR_R_MALLOC_FAILURE);

    goto err;

  }

  state = HDR_NAME;

  ntmp = NULL;

  /* Go through all characters */

  for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') &&

      (c != '\n'); p++) {

    switch (state) {

    case HDR_NAME:

      if (c == ':') {

        state = HDR_VALUE;

        *p = 0;

        ntmp = strip_spaces(q);

        if (!ntmp) {

          X509V3error(X509V3_R_INVALID_NULL_NAME);

          goto err;

        }

        q = p + 1;

      } else if (c == ',') {

        *p = 0;

        ntmp = strip_spaces(q);

        q = p + 1;

        if (!ntmp) {

          X509V3error(X509V3_R_INVALID_NULL_NAME);

          goto err;

        }

        X509V3_add_value(ntmp, NULL, &values);

      }

      break;

    case HDR_VALUE:

      if (c == ',') {

        state = HDR_NAME;

        *p = 0;

        vtmp = strip_spaces(q);

        if (!vtmp) {

          X509V3error(X509V3_R_INVALID_NULL_VALUE);

          goto err;

        }

        X509V3_add_value(ntmp, vtmp, &values);

        ntmp = NULL;

        q = p + 1;

      }

    }

  }

  if (state == HDR_VALUE) {

    vtmp = strip_spaces(q);

    if (!vtmp) {

      X509V3error(X509V3_R_INVALID_NULL_VALUE);

      goto err;

    }

    X509V3_add_value(ntmp, vtmp, &values);

  } else {

    ntmp = strip_spaces(q);

    if (!ntmp) {

      X509V3error(X509V3_R_INVALID_NULL_NAME);

      goto err;

    }

    X509V3_add_value(ntmp, NULL, &values);

  }

  free(linebuf);

  return values;

 err:

  free(linebuf);

  sk_CONF_VALUE_pop_free(values, X509V3_conf_free);

  return NULL;

}

/* Delete leading and trailing spaces from a string */

static char *

strip_spaces(char *name)

{

  char *p, *q;

  /* Skip over leading spaces */

  p = name;

  while (*p && isspace((unsigned char)*p))

    p++;

  if (!*p)

    return NULL;

  q = p + strlen(p) - 1;

  while ((q != p) && isspace((unsigned char)*q))

    q--;

  if (p != q)

    q[1] = 0;

  if (!*p)

    return NULL;

  return p;

}

/* hex string utilities */

/* Given a buffer of length 'len' return a malloc'ed string with its

 * hex representation

 */

char *

hex_to_string(const unsigned char *buffer, long len)

{

  char *tmp, *q;

  const unsigned char *p;

  int i;

  static const char hexdig[] = "0123456789ABCDEF";

  if (!buffer || !len)

    return NULL;

  if (!(tmp = malloc(len * 3 + 1))) {

    X509V3error(ERR_R_MALLOC_FAILURE);

    return NULL;

  }

  q = tmp;

  for (i = 0, p = buffer; i < len; i++, p++) {

    *q++ = hexdig[(*p >> 4) & 0xf];

    *q++ = hexdig[*p & 0xf];

    *q++ = ':';

  }

  q[-1] = 0;

  return tmp;

}

/* Give a string of hex digits convert to

 * a buffer

 */

unsigned char *

string_to_hex(const char *str, long *len)

{

  unsigned char *hexbuf, *q;

  unsigned char ch, cl, *p;

  if (!str) {

    X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);

    return NULL;

  }

  if (!(hexbuf = malloc(strlen(str) >> 1)))

    goto err;

  for (p = (unsigned char *)str, q = hexbuf; *p; ) {

    ch = *p++;

    if (ch == ':')

      continue;

    cl = *p++;

    if (!cl) {

      X509V3error(X509V3_R_ODD_NUMBER_OF_DIGITS);

      free(hexbuf);

      return NULL;

    }

    ch = tolower(ch);

    cl = tolower(cl);

    if ((ch >= '0') && (ch <= '9'))

      ch -= '0';

    else if ((ch >= 'a') && (ch <= 'f'))

      ch -= 'a' - 10;

    else

      goto badhex;

    if ((cl >= '0') && (cl <= '9'))

      cl -= '0';

    else if ((cl >= 'a') && (cl <= 'f'))

      cl -= 'a' - 10;

    else

      goto badhex;

    *q++ = (ch << 4) | cl;

  }

  if (len)

    *len = q - hexbuf;

  return hexbuf;

 err:

  free(hexbuf);

  X509V3error(ERR_R_MALLOC_FAILURE);

  return NULL;

 badhex:

  free(hexbuf);

  X509V3error(X509V3_R_ILLEGAL_HEX_DIGIT);

  return NULL;

}

/* V2I name comparison function: returns zero if 'name' matches

 * cmp or cmp.*

 */

int

name_cmp(const char *name, const char *cmp)

{

  int len, ret;

  char c;

  len = strlen(cmp);

  if ((ret = strncmp(name, cmp, len)))

    return ret;

  c = name[len];

  if (!c || (c=='.'))

    return 0;

  return 1;

}

static int

sk_strcmp(const char * const *a, const char * const *b)

{

  return strcmp(*a, *b);

}

STACK_OF(OPENSSL_STRING) *

X509_get1_email(X509 *x)

{

  GENERAL_NAMES *gens;

  STACK_OF(OPENSSL_STRING) *ret;

  gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);

  ret = get_email(X509_get_subject_name(x), gens);

  sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);

  return ret;

}

STACK_OF(OPENSSL_STRING) *

X509_get1_ocsp(X509 *x)

{

  AUTHORITY_INFO_ACCESS *info;

  STACK_OF(OPENSSL_STRING) *ret = NULL;

  int i;

  info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);

  if (!info)

    return NULL;

  for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {

    ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);

    if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) {

      if (ad->location->type == GEN_URI) {

        if (!append_ia5(&ret,

            ad->location->d.uniformResourceIdentifier))

          break;

      }

    }

  }

  AUTHORITY_INFO_ACCESS_free(info);

  return ret;

}

STACK_OF(OPENSSL_STRING) *

X509_REQ_get1_email(X509_REQ *x)

{

  GENERAL_NAMES *gens;

  STACK_OF(X509_EXTENSION) *exts;

  STACK_OF(OPENSSL_STRING) *ret;

  exts = X509_REQ_get_extensions(x);

  gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);

  ret = get_email(X509_REQ_get_subject_name(x), gens);

  sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);

  sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);

  return ret;

}

static STACK_OF(OPENSSL_STRING) *

get_email(X509_NAME *name, GENERAL_NAMES *gens)

{

  STACK_OF(OPENSSL_STRING) *ret = NULL;

  X509_NAME_ENTRY *ne;

  ASN1_IA5STRING *email;

  GENERAL_NAME *gen;

  int i;

  /* Now add any email address(es) to STACK */

  i = -1;

  /* First supplied X509_NAME */

  while ((i = X509_NAME_get_index_by_NID(name,

      NID_pkcs9_emailAddress, i)) >= 0) {

    ne = X509_NAME_get_entry(name, i);

    email = X509_NAME_ENTRY_get_data(ne);

    if (!append_ia5(&ret, email))

      return NULL;

  }

  for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {

    gen = sk_GENERAL_NAME_value(gens, i);

    if (gen->type != GEN_EMAIL)

      continue;

    if (!append_ia5(&ret, gen->d.ia5))

      return NULL;

  }

  return ret;

}

static void

str_free(OPENSSL_STRING str)

{

  free(str);

}

static int

append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)

{

  char *emtmp;

  /* First some sanity checks */

  if (email->type != V_ASN1_IA5STRING)

    return 1;

  if (!email->data || !email->length)

    return 1;

  if (!*sk)

    *sk = sk_OPENSSL_STRING_new(sk_strcmp);

  if (!*sk)

    return 0;

  /* Don't add duplicates */

  if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1)

    return 1;

  emtmp = strdup((char *)email->data);

  if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {

    X509_email_free(*sk);

    *sk = NULL;

    return 0;

  }

  return 1;

}

void

X509_email_free(STACK_OF(OPENSSL_STRING) *sk)

{

  sk_OPENSSL_STRING_pop_free(sk, str_free);

}

typedef int (*equal_fn)(const unsigned char *pattern, size_t pattern_len,

    const unsigned char *subject, size_t subject_len, unsigned int flags);

/* Skip pattern prefix to match "wildcard" subject */

static void

skip_prefix(const unsigned char **p, size_t *plen, const unsigned char *subject,

    size_t subject_len, unsigned int flags)

{

  const unsigned char *pattern = *p;

  size_t pattern_len = *plen;

  /*

   * If subject starts with a leading '.' followed by more octets, and

   * pattern is longer, compare just an equal-length suffix with the

   * full subject (starting at the '.'), provided the prefix contains

   * no NULs.

   */

  if ((flags & _X509_CHECK_FLAG_DOT_SUBDOMAINS) == 0)

    return;

  while (pattern_len > subject_len && *pattern) {

    if ((flags & X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS) &&

        *pattern == '.')

      break;

    ++pattern;

    --pattern_len;

  }

  /* Skip if entire prefix acceptable */

  if (pattern_len == subject_len) {

    *p = pattern;

    *plen = pattern_len;

  }

}

/*

 * Open/BoringSSL uses memcmp for "equal_case" while their

 * "equal_nocase" function is a hand-rolled strncasecmp that does not

 * allow \0 in the pattern. Since an embedded \0 is likely a sign of

 * problems, we simply don't allow it in either case, and then we use

 * standard libc funcitons.

 */

/* Compare using strncasecmp */

static int

equal_nocase(const unsigned char *pattern, size_t pattern_len,

    const unsigned char *subject, size_t subject_len, unsigned int flags)

{

  if (memchr(pattern, '\0', pattern_len) != NULL)

    return 0;

  if (memchr(subject, '\0', subject_len) != NULL)

    return 0;

  skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);

  if (pattern_len != subject_len)

    return 0;

  return (strncasecmp(pattern, subject, pattern_len) == 0);

}

/* Compare using strncmp. */

static int

equal_case(const unsigned char *pattern, size_t pattern_len,

    const unsigned char *subject, size_t subject_len, unsigned int flags)

{

  if (memchr(pattern, 0, pattern_len) != NULL)

    return 0;

  if (memchr(subject, 0, subject_len) != NULL)

    return 0;

  skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);

  if (pattern_len != subject_len)

    return 0;

  return (strncmp(pattern, subject, pattern_len) == 0);

}

/*

 * RFC 5280, section 7.5, requires that only the domain is compared in a

 * case-insensitive manner.

 */

static int

equal_email(const unsigned char *a, size_t a_len, const unsigned char *b,

    size_t b_len, unsigned int unused_flags)

{

  size_t pos = a_len;

  if (a_len != b_len)

    return 0;

  /*

   * We search backwards for the '@' character, so that we do not have to

   * deal with quoted local-parts.  The domain part is compared in a

   * case-insensitive manner.

   */

  while (pos > 0) {

    pos--;

    if (a[pos] == '@' || b[pos] == '@') {

      if (!equal_nocase(a + pos, a_len - pos, b + pos,

          a_len - pos, 0))

        return 0;

      break;

    }

  }

  if (pos == 0)

    pos = a_len;

  return equal_case(a, pos, b, pos, 0);

}

/*

 * Compare the prefix and suffix with the subject, and check that the

 * characters in-between are valid.

 */

static int

wildcard_match(const unsigned char *prefix, size_t prefix_len,

    const unsigned char *suffix, size_t suffix_len,

    const unsigned char *subject, size_t subject_len, unsigned int flags)

{

  const unsigned char *wildcard_start;

  const unsigned char *wildcard_end;

  const unsigned char *p;

  int allow_multi = 0;

  int allow_idna = 0;

  if (subject_len < prefix_len + suffix_len)

    return 0;

  if (!equal_nocase(prefix, prefix_len, subject, prefix_len, flags))

    return 0;

  wildcard_start = subject + prefix_len;

  wildcard_end = subject + (subject_len - suffix_len);

  if (!equal_nocase(wildcard_end, suffix_len, suffix, suffix_len, flags))

    return 0;

  /*

   * If the wildcard makes up the entire first label, it must match at

   * least one character.

   */

  if (prefix_len == 0 && *suffix == '.') {

    if (wildcard_start == wildcard_end)

      return 0;

    allow_idna = 1;

    if (flags & X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS)

      allow_multi = 1;

  }

  /* IDNA labels cannot match partial wildcards */

  if (!allow_idna &&

      subject_len >= 4

      && strncasecmp((char *)subject, "xn--", 4) == 0)

    return 0;

  /* The wildcard may match a literal '*' */

  if (wildcard_end == wildcard_start + 1 && *wildcard_start == '*')

    return 1;

  /*

   * Check that the part matched by the wildcard contains only

   * permitted characters and only matches a single label unless

   * allow_multi is set.

   */

  for (p = wildcard_start; p != wildcard_end; ++p)

    if (!(('0' <= *p && *p <= '9') || ('A' <= *p && *p <= 'Z') ||

        ('a' <= *p && *p <= 'z') || *p == '-' ||

        (allow_multi && *p == '.')))

      return 0;

  return 1;

}

#define LABEL_START     (1 << 0)

#define LABEL_END       (1 << 1)

#define LABEL_HYPHEN    (1 << 2)

#define LABEL_IDNA      (1 << 3)

static const unsigned char *

valid_star(const unsigned char *p, size_t len, unsigned int flags)

{

  const unsigned char *star = 0;

  size_t i;

  int state = LABEL_START;

  int dots = 0;

  for (i = 0; i < len; ++i) {

    /*

     * Locate first and only legal wildcard, either at the start

     * or end of a non-IDNA first and not final label.

     */

    if (p[i] == '*') {

      int atstart = (state & LABEL_START);

      int atend = (i == len - 1 || p[i + 1] == '.');

      /*

       * At most one wildcard per pattern.

       * No wildcards in IDNA labels.

       * No wildcards after the first label.

       */

      if (star != NULL || (state & LABEL_IDNA) != 0 || dots)

        return NULL;

      /* Only full-label '*.example.com' wildcards? */

      if ((flags & X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS)

          && (!atstart || !atend))

        return NULL;

      /* No 'foo*bar' wildcards */

      if (!atstart && !atend)

        return NULL;

      star = &p[i];

      state &= ~LABEL_START;

    } else if ((state & LABEL_START) != 0) {

      /*

       * At the start of a label, skip any "xn--" and

       * remain in the LABEL_START state, but set the

       * IDNA label state

       */

      if ((state & LABEL_IDNA) == 0 && len - i >= 4

          && strncasecmp((char *)&p[i], "xn--", 4) == 0) {

        i += 3;

        state |= LABEL_IDNA;

        continue;

      }

      /* Labels must start with a letter or digit */