/src/openssl30/crypto/asn1/a_mbstr.c

Source (jump to first uncovered line)
/*
 * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include "internal/unicode.h"
#include <openssl/asn1.h>

static int traverse_string(const unsigned char *p, int len, int inform,
                           int (*rfunc) (unsigned long value, void *in),
                           void *arg);
static int in_utf8(unsigned long value, void *arg);
static int out_utf8(unsigned long value, void *arg);
static int type_str(unsigned long value, void *arg);
static int cpy_asc(unsigned long value, void *arg);
static int cpy_bmp(unsigned long value, void *arg);
static int cpy_univ(unsigned long value, void *arg);
static int cpy_utf8(unsigned long value, void *arg);

/*
 * These functions take a string in UTF8, ASCII or multibyte form and a mask
 * of permissible ASN1 string types. It then works out the minimal type
 * (using the order Numeric < Printable < IA5 < T61 < BMP < Universal < UTF8)
 * and creates a string of the correct type with the supplied data. Yes this is
 * horrible: it has to be :-( The 'ncopy' form checks minimum and maximum
 * size limits too.
 */

int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
                       int inform, unsigned long mask)
{
    return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
}

int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
                        int inform, unsigned long mask,
                        long minsize, long maxsize)
{
    int str_type;
    int ret;
    char free_out;
    int outform, outlen = 0;
    ASN1_STRING *dest;
    unsigned char *p;
    int nchar;
    int (*cpyfunc) (unsigned long, void *) = NULL;
    if (len == -1)
        len = strlen((const char *)in);
    if (!mask)
        mask = DIRSTRING_TYPE;
    if (len < 0)
        return -1;

    /* First do a string check and work out the number of characters */
    switch (inform) {

    case MBSTRING_BMP:
        if (len & 1) {
            ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH);
            return -1;
        }
        nchar = len >> 1;
        break;

    case MBSTRING_UNIV:
        if (len & 3) {
            ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
            return -1;
        }
        nchar = len >> 2;
        break;

    case MBSTRING_UTF8:
        nchar = 0;
        /* This counts the characters and does utf8 syntax checking */
        ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
        if (ret < 0) {
            ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING);
            return -1;
        }
        break;

    case MBSTRING_ASC:
        nchar = len;
        break;

    default:
        ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_FORMAT);
        return -1;
    }

    if ((minsize > 0) && (nchar < minsize)) {
        ERR_raise_data(ERR_LIB_ASN1, ASN1_R_STRING_TOO_SHORT,
                       "minsize=%ld", minsize);
        return -1;
    }

    if ((maxsize > 0) && (nchar > maxsize)) {
        ERR_raise_data(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG,
                       "maxsize=%ld", maxsize);
        return -1;
    }

    /* Now work out minimal type (if any) */
    if (traverse_string(in, len, inform, type_str, &mask) < 0) {
        ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_CHARACTERS);
        return -1;
    }

    /* Now work out output format and string type */
    outform = MBSTRING_ASC;
    if (mask & B_ASN1_NUMERICSTRING)
        str_type = V_ASN1_NUMERICSTRING;
    else if (mask & B_ASN1_PRINTABLESTRING)
        str_type = V_ASN1_PRINTABLESTRING;
    else if (mask & B_ASN1_IA5STRING)
        str_type = V_ASN1_IA5STRING;
    else if (mask & B_ASN1_T61STRING)
        str_type = V_ASN1_T61STRING;
    else if (mask & B_ASN1_BMPSTRING) {
        str_type = V_ASN1_BMPSTRING;
        outform = MBSTRING_BMP;
    } else if (mask & B_ASN1_UNIVERSALSTRING) {
        str_type = V_ASN1_UNIVERSALSTRING;
        outform = MBSTRING_UNIV;
    } else {
        str_type = V_ASN1_UTF8STRING;
        outform = MBSTRING_UTF8;
    }
    if (!out)
        return str_type;
    if (*out) {
        free_out = 0;
        dest = *out;
        OPENSSL_free(dest->data);
        dest->data = NULL;
        dest->length = 0;
        dest->type = str_type;
    } else {
        free_out = 1;
        dest = ASN1_STRING_type_new(str_type);
        if (dest == NULL) {
            ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
            return -1;
        }
        *out = dest;
    }
    /* If both the same type just copy across */
    if (inform == outform) {
        if (!ASN1_STRING_set(dest, in, len)) {
            ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
            return -1;
        }
        return str_type;
    }

    /* Work out how much space the destination will need */
    switch (outform) {
    case MBSTRING_ASC:
        outlen = nchar;
        cpyfunc = cpy_asc;
        break;

    case MBSTRING_BMP:
        outlen = nchar << 1;
        cpyfunc = cpy_bmp;
        break;

    case MBSTRING_UNIV:
        outlen = nchar << 2;
        cpyfunc = cpy_univ;
        break;

    case MBSTRING_UTF8:
        outlen = 0;
        traverse_string(in, len, inform, out_utf8, &outlen);
        cpyfunc = cpy_utf8;
        break;
    }
    if ((p = OPENSSL_malloc(outlen + 1)) == NULL) {
        if (free_out)
            ASN1_STRING_free(dest);
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        return -1;
    }
    dest->length = outlen;
    dest->data = p;
    p[outlen] = 0;
    traverse_string(in, len, inform, cpyfunc, &p);
    return str_type;
}

/*
 * This function traverses a string and passes the value of each character to
 * an optional function along with a void * argument.
 */

static int traverse_string(const unsigned char *p, int len, int inform,
                           int (*rfunc) (unsigned long value, void *in),
                           void *arg)
{
    unsigned long value;
    int ret;
    while (len) {
        if (inform == MBSTRING_ASC) {
            value = *p++;
            len--;
        } else if (inform == MBSTRING_BMP) {
            value = *p++ << 8;
            value |= *p++;
            len -= 2;
        } else if (inform == MBSTRING_UNIV) {
            value = ((unsigned long)*p++) << 24;
            value |= ((unsigned long)*p++) << 16;
            value |= *p++ << 8;
            value |= *p++;
            len -= 4;
        } else {
            ret = UTF8_getc(p, len, &value);
            if (ret < 0)
                return -1;
            len -= ret;
            p += ret;
        }
        if (rfunc) {
            ret = rfunc(value, arg);
            if (ret <= 0)
                return ret;
        }
    }
    return 1;
}

/* Various utility functions for traverse_string */

/* Just count number of characters */

static int in_utf8(unsigned long value, void *arg)
{
    int *nchar;

    if (!is_unicode_valid(value))
        return -2;
    nchar = arg;
    (*nchar)++;
    return 1;
}

/* Determine size of output as a UTF8 String */

static int out_utf8(unsigned long value, void *arg)
{
    int *outlen, len;

    len = UTF8_putc(NULL, -1, value);
    if (len <= 0)
        return len;
    outlen = arg;
    *outlen += len;
    return 1;
}

/*
 * Determine the "type" of a string: check each character against a supplied
 * "mask".
 */

static int type_str(unsigned long value, void *arg)
{
    unsigned long types = *((unsigned long *)arg);
    const int native = value > INT_MAX ? INT_MAX : ossl_fromascii(value);

    if ((types & B_ASN1_NUMERICSTRING) && !(ossl_isdigit(native)
                                            || native == ' '))
        types &= ~B_ASN1_NUMERICSTRING;
    if ((types & B_ASN1_PRINTABLESTRING) && !ossl_isasn1print(native))
        types &= ~B_ASN1_PRINTABLESTRING;
    if ((types & B_ASN1_IA5STRING) && !ossl_isascii(native))
        types &= ~B_ASN1_IA5STRING;
    if ((types & B_ASN1_T61STRING) && (value > 0xff))
        types &= ~B_ASN1_T61STRING;
    if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
        types &= ~B_ASN1_BMPSTRING;
    if ((types & B_ASN1_UTF8STRING) && !is_unicode_valid(value))
        types &= ~B_ASN1_UTF8STRING;
    if (!types)
        return -1;
    *((unsigned long *)arg) = types;
    return 1;
}

/* Copy one byte per character ASCII like strings */

static int cpy_asc(unsigned long value, void *arg)
{
    unsigned char **p, *q;
    p = arg;
    q = *p;
    *q = (unsigned char)value;
    (*p)++;
    return 1;
}

/* Copy two byte per character BMPStrings */

static int cpy_bmp(unsigned long value, void *arg)
{
    unsigned char **p, *q;
    p = arg;
    q = *p;
    *q++ = (unsigned char)((value >> 8) & 0xff);
    *q = (unsigned char)(value & 0xff);
    *p += 2;
    return 1;
}

/* Copy four byte per character UniversalStrings */

static int cpy_univ(unsigned long value, void *arg)
{
    unsigned char **p, *q;
    p = arg;
    q = *p;
    *q++ = (unsigned char)((value >> 24) & 0xff);
    *q++ = (unsigned char)((value >> 16) & 0xff);
    *q++ = (unsigned char)((value >> 8) & 0xff);
    *q = (unsigned char)(value & 0xff);
    *p += 4;
    return 1;
}

/* Copy to a UTF8String */

static int cpy_utf8(unsigned long value, void *arg)
{
    unsigned char **p;
    int ret;
    p = arg;
    /* We already know there is enough room so pass 0xff as the length */
    ret = UTF8_putc(*p, 0xff, value);
    *p += ret;
    return 1;
}

Coverage Report

Created: 2023-06-08 06:41

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "crypto/ctype.h"
12		#include "internal/cryptlib.h"
13		#include "internal/unicode.h"
14		#include <openssl/asn1.h>
15
16		static int traverse_string(const unsigned char *p, int len, int inform,
17		int (rfunc) (unsigned long value, void in),
18		void *arg);
19		static int in_utf8(unsigned long value, void *arg);
20		static int out_utf8(unsigned long value, void *arg);
21		static int type_str(unsigned long value, void *arg);
22		static int cpy_asc(unsigned long value, void *arg);
23		static int cpy_bmp(unsigned long value, void *arg);
24		static int cpy_univ(unsigned long value, void *arg);
25		static int cpy_utf8(unsigned long value, void *arg);
26
27		/*
28		* These functions take a string in UTF8, ASCII or multibyte form and a mask
29		* of permissible ASN1 string types. It then works out the minimal type
30		* (using the order Numeric < Printable < IA5 < T61 < BMP < Universal < UTF8)
31		* and creates a string of the correct type with the supplied data. Yes this is
32		* horrible: it has to be :-( The 'ncopy' form checks minimum and maximum
33		* size limits too.
34		*/
35
36		int ASN1_mbstring_copy(ASN1_STRING *out, const unsigned char in, int len,
37		int inform, unsigned long mask)
38	339k	{
39	339k	return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
40	339k	}
41
42		int ASN1_mbstring_ncopy(ASN1_STRING *out, const unsigned char in, int len,
43		int inform, unsigned long mask,
44		long minsize, long maxsize)
45	339k	{
46	339k	int str_type;
47	339k	int ret;
48	339k	char free_out;
49	339k	int outform, outlen = 0;
50	339k	ASN1_STRING *dest;
51	339k	unsigned char *p;
52	339k	int nchar;
53	339k	int (cpyfunc) (unsigned long, void ) = NULL;
54	339k	if (len == -1)
55	0	len = strlen((const char *)in);
56	339k	if (!mask)
57	0	mask = DIRSTRING_TYPE;
58	339k	if (len < 0)
59	0	return -1;
60
61		/* First do a string check and work out the number of characters */
62	339k	switch (inform) {
63
64	132k	case MBSTRING_BMP:
65	132k	if (len & 1) {
66	0	ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH);
67	0	return -1;
68	0	}
69	132k	nchar = len >> 1;
70	132k	break;
71
72	2.31k	case MBSTRING_UNIV:
73	2.31k	if (len & 3) {
74	0	ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
75	0	return -1;
76	0	}
77	2.31k	nchar = len >> 2;
78	2.31k	break;
79
80	4.45k	case MBSTRING_UTF8:
81	4.45k	nchar = 0;
82		/* This counts the characters and does utf8 syntax checking */
83	4.45k	ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
84	4.45k	if (ret < 0) {
85	1.92k	ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING);
86	1.92k	return -1;
87	1.92k	}
88	2.52k	break;
89
90	199k	case MBSTRING_ASC:
91	199k	nchar = len;
92	199k	break;
93
94	0	default:
95	0	ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_FORMAT);
96	0	return -1;
97	339k	}
98
99	337k	if ((minsize > 0) && (nchar < minsize)) {
100	0	ERR_raise_data(ERR_LIB_ASN1, ASN1_R_STRING_TOO_SHORT,
101	0	"minsize=%ld", minsize);
102	0	return -1;
103	0	}
104
105	337k	if ((maxsize > 0) && (nchar > maxsize)) {
106	0	ERR_raise_data(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG,
107	0	"maxsize=%ld", maxsize);
108	0	return -1;
109	0	}
110
111		/* Now work out minimal type (if any) */
112	337k	if (traverse_string(in, len, inform, type_str, &mask) < 0) {
113	69	ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_CHARACTERS);
114	69	return -1;
115	69	}
116
117		/* Now work out output format and string type */
118	337k	outform = MBSTRING_ASC;
119	337k	if (mask & B_ASN1_NUMERICSTRING)
120	0	str_type = V_ASN1_NUMERICSTRING;
121	337k	else if (mask & B_ASN1_PRINTABLESTRING)
122	0	str_type = V_ASN1_PRINTABLESTRING;
123	337k	else if (mask & B_ASN1_IA5STRING)
124	0	str_type = V_ASN1_IA5STRING;
125	337k	else if (mask & B_ASN1_T61STRING)
126	0	str_type = V_ASN1_T61STRING;
127	337k	else if (mask & B_ASN1_BMPSTRING) {
128	0	str_type = V_ASN1_BMPSTRING;
129	0	outform = MBSTRING_BMP;
130	337k	} else if (mask & B_ASN1_UNIVERSALSTRING) {
131	0	str_type = V_ASN1_UNIVERSALSTRING;
132	0	outform = MBSTRING_UNIV;
133	337k	} else {
134	337k	str_type = V_ASN1_UTF8STRING;
135	337k	outform = MBSTRING_UTF8;
136	337k	}
137	337k	if (!out)
138	0	return str_type;
139	337k	if (*out) {
140	337k	free_out = 0;
141	337k	dest = *out;
142	337k	OPENSSL_free(dest->data);
143	337k	dest->data = NULL;
144	337k	dest->length = 0;
145	337k	dest->type = str_type;
146	337k	} else {
147	0	free_out = 1;
148	0	dest = ASN1_STRING_type_new(str_type);
149	0	if (dest == NULL) {
150	0	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
151	0	return -1;
152	0	}
153	0	*out = dest;
154	0	}
155		/* If both the same type just copy across */
156	337k	if (inform == outform) {
157	2.52k	if (!ASN1_STRING_set(dest, in, len)) {
158	0	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
159	0	return -1;
160	0	}
161	2.52k	return str_type;
162	2.52k	}
163
164		/* Work out how much space the destination will need */
165	334k	switch (outform) {
166	0	case MBSTRING_ASC:
167	0	outlen = nchar;
168	0	cpyfunc = cpy_asc;
169	0	break;
170
171	0	case MBSTRING_BMP:
172	0	outlen = nchar << 1;
173	0	cpyfunc = cpy_bmp;
174	0	break;
175
176	0	case MBSTRING_UNIV:
177	0	outlen = nchar << 2;
178	0	cpyfunc = cpy_univ;
179	0	break;
180
181	334k	case MBSTRING_UTF8:
182	334k	outlen = 0;
183	334k	traverse_string(in, len, inform, out_utf8, &outlen);
184	334k	cpyfunc = cpy_utf8;
185	334k	break;
186	334k	}
187	334k	if ((p = OPENSSL_malloc(outlen + 1)) == NULL) {
188	0	if (free_out)
189	0	ASN1_STRING_free(dest);
190	0	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
191	0	return -1;
192	0	}
193	334k	dest->length = outlen;
194	334k	dest->data = p;
195	334k	p[outlen] = 0;
196	334k	traverse_string(in, len, inform, cpyfunc, &p);
197	334k	return str_type;
198	334k	}
199
200		/*
201		* This function traverses a string and passes the value of each character to
202		* an optional function along with a void * argument.
203		*/
204
205		static int traverse_string(const unsigned char *p, int len, int inform,
206		int (rfunc) (unsigned long value, void in),
207		void *arg)
208	1.01M	{
209	1.01M	unsigned long value;
210	1.01M	int ret;
211	26.6M	while (len) {
212	25.6M	if (inform == MBSTRING_ASC) {
213	22.9M	value = *p++;
214	22.9M	len--;
215	22.9M	} else if (inform == MBSTRING_BMP) {
216	2.70M	value = *p++ << 8;
217	2.70M	value \|= *p++;
218	2.70M	len -= 2;
219	2.70M	} else if (inform == MBSTRING_UNIV) {
220	1.11k	value = ((unsigned long)*p++) << 24;
221	1.11k	value \|= ((unsigned long)*p++) << 16;
222	1.11k	value \|= *p++ << 8;
223	1.11k	value \|= *p++;
224	1.11k	len -= 4;
225	25.2k	} else {
226	25.2k	ret = UTF8_getc(p, len, &value);
227	25.2k	if (ret < 0)
228	1.88k	return -1;
229	23.4k	len -= ret;
230	23.4k	p += ret;
231	23.4k	}
232	25.6M	if (rfunc) {
233	25.6M	ret = rfunc(value, arg);
234	25.6M	if (ret <= 0)
235	114	return ret;
236	25.6M	}
237	25.6M	}
238	1.00M	return 1;
239	1.01M	}
240
241		/* Various utility functions for traverse_string */
242
243		/* Just count number of characters */
244
245		static int in_utf8(unsigned long value, void *arg)
246	21.0k	{
247	21.0k	int *nchar;
248
249	21.0k	if (!is_unicode_valid(value))
250	45	return -2;
251	20.9k	nchar = arg;
252	20.9k	(*nchar)++;
253	20.9k	return 1;
254	21.0k	}
255
256		/* Determine size of output as a UTF8 String */
257
258		static int out_utf8(unsigned long value, void *arg)
259	8.54M	{
260	8.54M	int *outlen, len;
261
262	8.54M	len = UTF8_putc(NULL, -1, value);
263	8.54M	if (len <= 0)
264	0	return len;
265	8.54M	outlen = arg;
266	8.54M	*outlen += len;
267	8.54M	return 1;
268	8.54M	}
269
270		/*
271		* Determine the "type" of a string: check each character against a supplied
272		* "mask".
273		*/
274
275		static int type_str(unsigned long value, void *arg)
276	8.54M	{
277	8.54M	unsigned long types = ((unsigned long )arg);
278	8.54M	const int native = value > INT_MAX ? INT_MAX : ossl_fromascii(value);
279
280	8.54M	if ((types & B_ASN1_NUMERICSTRING) && !(ossl_isdigit(native)
281	0	\|\| native == ' '))
282	0	types &= ~B_ASN1_NUMERICSTRING;
283	8.54M	if ((types & B_ASN1_PRINTABLESTRING) && !ossl_isasn1print(native))
284	0	types &= ~B_ASN1_PRINTABLESTRING;
285	8.54M	if ((types & B_ASN1_IA5STRING) && !ossl_isascii(native))
286	0	types &= ~B_ASN1_IA5STRING;
287	8.54M	if ((types & B_ASN1_T61STRING) && (value > 0xff))
288	0	types &= ~B_ASN1_T61STRING;
289	8.54M	if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
290	0	types &= ~B_ASN1_BMPSTRING;
291	8.54M	if ((types & B_ASN1_UTF8STRING) && !is_unicode_valid(value))
292	69	types &= ~B_ASN1_UTF8STRING;
293	8.54M	if (!types)
294	69	return -1;
295	8.54M	((unsigned long )arg) = types;
296	8.54M	return 1;
297	8.54M	}
298
299		/* Copy one byte per character ASCII like strings */
300
301		static int cpy_asc(unsigned long value, void *arg)
302	0	{
303	0	unsigned char *p, q;
304	0	p = arg;
305	0	q = *p;
306	0	*q = (unsigned char)value;
307	0	(*p)++;
308	0	return 1;
309	0	}
310
311		/* Copy two byte per character BMPStrings */
312
313		static int cpy_bmp(unsigned long value, void *arg)
314	0	{
315	0	unsigned char *p, q;
316	0	p = arg;
317	0	q = *p;
318	0	*q++ = (unsigned char)((value >> 8) & 0xff);
319	0	*q = (unsigned char)(value & 0xff);
320	0	*p += 2;
321	0	return 1;
322	0	}
323
324		/* Copy four byte per character UniversalStrings */
325
326		static int cpy_univ(unsigned long value, void *arg)
327	0	{
328	0	unsigned char *p, q;
329	0	p = arg;
330	0	q = *p;
331	0	*q++ = (unsigned char)((value >> 24) & 0xff);
332	0	*q++ = (unsigned char)((value >> 16) & 0xff);
333	0	*q++ = (unsigned char)((value >> 8) & 0xff);
334	0	*q = (unsigned char)(value & 0xff);
335	0	*p += 4;
336	0	return 1;
337	0	}
338
339		/* Copy to a UTF8String */
340
341		static int cpy_utf8(unsigned long value, void *arg)
342	8.54M	{
343	8.54M	unsigned char **p;
344	8.54M	int ret;
345	8.54M	p = arg;
346		/* We already know there is enough room so pass 0xff as the length */
347	8.54M	ret = UTF8_putc(*p, 0xff, value);
348	8.54M	*p += ret;
349	8.54M	return 1;
350	8.54M	}