/src/openssl30/crypto/asn1/a_mbstr.c

Source (jump to first uncovered line)
/*
 * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include "internal/unicode.h"
#include <openssl/asn1.h>

static int traverse_string(const unsigned char *p, int len, int inform,
                           int (*rfunc) (unsigned long value, void *in),
                           void *arg);
static int in_utf8(unsigned long value, void *arg);
static int out_utf8(unsigned long value, void *arg);
static int type_str(unsigned long value, void *arg);
static int cpy_asc(unsigned long value, void *arg);
static int cpy_bmp(unsigned long value, void *arg);
static int cpy_univ(unsigned long value, void *arg);
static int cpy_utf8(unsigned long value, void *arg);

/*
 * These functions take a string in UTF8, ASCII or multibyte form and a mask
 * of permissible ASN1 string types. It then works out the minimal type
 * (using the order Numeric < Printable < IA5 < T61 < BMP < Universal < UTF8)
 * and creates a string of the correct type with the supplied data. Yes this is
 * horrible: it has to be :-( The 'ncopy' form checks minimum and maximum
 * size limits too.
 */

int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
                       int inform, unsigned long mask)
{
    return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
}

int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
                        int inform, unsigned long mask,
                        long minsize, long maxsize)
{
    int str_type;
    int ret;
    char free_out;
    int outform, outlen = 0;
    ASN1_STRING *dest;
    unsigned char *p;
    int nchar;
    int (*cpyfunc) (unsigned long, void *) = NULL;
    if (len == -1)
        len = strlen((const char *)in);
    if (!mask)
        mask = DIRSTRING_TYPE;
    if (len < 0)
        return -1;

    /* First do a string check and work out the number of characters */
    switch (inform) {

    case MBSTRING_BMP:
        if (len & 1) {
            ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH);
            return -1;
        }
        nchar = len >> 1;
        break;

    case MBSTRING_UNIV:
        if (len & 3) {
            ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
            return -1;
        }
        nchar = len >> 2;
        break;

    case MBSTRING_UTF8:
        nchar = 0;
        /* This counts the characters and does utf8 syntax checking */
        ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
        if (ret < 0) {
            ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING);
            return -1;
        }
        break;

    case MBSTRING_ASC:
        nchar = len;
        break;

    default:
        ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_FORMAT);
        return -1;
    }

    if ((minsize > 0) && (nchar < minsize)) {
        ERR_raise_data(ERR_LIB_ASN1, ASN1_R_STRING_TOO_SHORT,
                       "minsize=%ld", minsize);
        return -1;
    }

    if ((maxsize > 0) && (nchar > maxsize)) {
        ERR_raise_data(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG,
                       "maxsize=%ld", maxsize);
        return -1;
    }

    /* Now work out minimal type (if any) */
    if (traverse_string(in, len, inform, type_str, &mask) < 0) {
        ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_CHARACTERS);
        return -1;
    }

    /* Now work out output format and string type */
    outform = MBSTRING_ASC;
    if (mask & B_ASN1_NUMERICSTRING)
        str_type = V_ASN1_NUMERICSTRING;
    else if (mask & B_ASN1_PRINTABLESTRING)
        str_type = V_ASN1_PRINTABLESTRING;
    else if (mask & B_ASN1_IA5STRING)
        str_type = V_ASN1_IA5STRING;
    else if (mask & B_ASN1_T61STRING)
        str_type = V_ASN1_T61STRING;
    else if (mask & B_ASN1_BMPSTRING) {
        str_type = V_ASN1_BMPSTRING;
        outform = MBSTRING_BMP;
    } else if (mask & B_ASN1_UNIVERSALSTRING) {
        str_type = V_ASN1_UNIVERSALSTRING;
        outform = MBSTRING_UNIV;
    } else {
        str_type = V_ASN1_UTF8STRING;
        outform = MBSTRING_UTF8;
    }
    if (!out)
        return str_type;
    if (*out) {
        free_out = 0;
        dest = *out;
        OPENSSL_free(dest->data);
        dest->data = NULL;
        dest->length = 0;
        dest->type = str_type;
    } else {
        free_out = 1;
        dest = ASN1_STRING_type_new(str_type);
        if (dest == NULL) {
            ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
            return -1;
        }
        *out = dest;
    }
    /* If both the same type just copy across */
    if (inform == outform) {
        if (!ASN1_STRING_set(dest, in, len)) {
            ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
            return -1;
        }
        return str_type;
    }

    /* Work out how much space the destination will need */
    switch (outform) {
    case MBSTRING_ASC:
        outlen = nchar;
        cpyfunc = cpy_asc;
        break;

    case MBSTRING_BMP:
        outlen = nchar << 1;
        cpyfunc = cpy_bmp;
        break;

    case MBSTRING_UNIV:
        outlen = nchar << 2;
        cpyfunc = cpy_univ;
        break;

    case MBSTRING_UTF8:
        outlen = 0;
        traverse_string(in, len, inform, out_utf8, &outlen);
        cpyfunc = cpy_utf8;
        break;
    }
    if ((p = OPENSSL_malloc(outlen + 1)) == NULL) {
        if (free_out)
            ASN1_STRING_free(dest);
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        return -1;
    }
    dest->length = outlen;
    dest->data = p;
    p[outlen] = 0;
    traverse_string(in, len, inform, cpyfunc, &p);
    return str_type;
}

/*
 * This function traverses a string and passes the value of each character to
 * an optional function along with a void * argument.
 */

static int traverse_string(const unsigned char *p, int len, int inform,
                           int (*rfunc) (unsigned long value, void *in),
                           void *arg)
{
    unsigned long value;
    int ret;
    while (len) {
        if (inform == MBSTRING_ASC) {
            value = *p++;
            len--;
        } else if (inform == MBSTRING_BMP) {
            value = *p++ << 8;
            value |= *p++;
            len -= 2;
        } else if (inform == MBSTRING_UNIV) {
            value = ((unsigned long)*p++) << 24;
            value |= ((unsigned long)*p++) << 16;
            value |= *p++ << 8;
            value |= *p++;
            len -= 4;
        } else {
            ret = UTF8_getc(p, len, &value);
            if (ret < 0)
                return -1;
            len -= ret;
            p += ret;
        }
        if (rfunc) {
            ret = rfunc(value, arg);
            if (ret <= 0)
                return ret;
        }
    }
    return 1;
}

/* Various utility functions for traverse_string */

/* Just count number of characters */

static int in_utf8(unsigned long value, void *arg)
{
    int *nchar;

    if (!is_unicode_valid(value))
        return -2;
    nchar = arg;
    (*nchar)++;
    return 1;
}

/* Determine size of output as a UTF8 String */

static int out_utf8(unsigned long value, void *arg)
{
    int *outlen, len;

    len = UTF8_putc(NULL, -1, value);
    if (len <= 0)
        return len;
    outlen = arg;
    *outlen += len;
    return 1;
}

/*
 * Determine the "type" of a string: check each character against a supplied
 * "mask".
 */

static int type_str(unsigned long value, void *arg)
{
    unsigned long types = *((unsigned long *)arg);
    const int native = value > INT_MAX ? INT_MAX : ossl_fromascii(value);

    if ((types & B_ASN1_NUMERICSTRING) && !(ossl_isdigit(native)
                                            || native == ' '))
        types &= ~B_ASN1_NUMERICSTRING;
    if ((types & B_ASN1_PRINTABLESTRING) && !ossl_isasn1print(native))
        types &= ~B_ASN1_PRINTABLESTRING;
    if ((types & B_ASN1_IA5STRING) && !ossl_isascii(native))
        types &= ~B_ASN1_IA5STRING;
    if ((types & B_ASN1_T61STRING) && (value > 0xff))
        types &= ~B_ASN1_T61STRING;
    if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
        types &= ~B_ASN1_BMPSTRING;
    if ((types & B_ASN1_UTF8STRING) && !is_unicode_valid(value))
        types &= ~B_ASN1_UTF8STRING;
    if (!types)
        return -1;
    *((unsigned long *)arg) = types;
    return 1;
}

/* Copy one byte per character ASCII like strings */

static int cpy_asc(unsigned long value, void *arg)
{
    unsigned char **p, *q;
    p = arg;
    q = *p;
    *q = (unsigned char)value;
    (*p)++;
    return 1;
}

/* Copy two byte per character BMPStrings */

static int cpy_bmp(unsigned long value, void *arg)
{
    unsigned char **p, *q;
    p = arg;
    q = *p;
    *q++ = (unsigned char)((value >> 8) & 0xff);
    *q = (unsigned char)(value & 0xff);
    *p += 2;
    return 1;
}

/* Copy four byte per character UniversalStrings */

static int cpy_univ(unsigned long value, void *arg)
{
    unsigned char **p, *q;
    p = arg;
    q = *p;
    *q++ = (unsigned char)((value >> 24) & 0xff);
    *q++ = (unsigned char)((value >> 16) & 0xff);
    *q++ = (unsigned char)((value >> 8) & 0xff);
    *q = (unsigned char)(value & 0xff);
    *p += 4;
    return 1;
}

/* Copy to a UTF8String */

static int cpy_utf8(unsigned long value, void *arg)
{
    unsigned char **p;
    int ret;
    p = arg;
    /* We already know there is enough room so pass 0xff as the length */
    ret = UTF8_putc(*p, 0xff, value);
    *p += ret;
    return 1;
}

Coverage Report

Created: 2023-09-25 06:43

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "crypto/ctype.h"
12		#include "internal/cryptlib.h"
13		#include "internal/unicode.h"
14		#include <openssl/asn1.h>
15
16		static int traverse_string(const unsigned char *p, int len, int inform,
17		int (rfunc) (unsigned long value, void in),
18		void *arg);
19		static int in_utf8(unsigned long value, void *arg);
20		static int out_utf8(unsigned long value, void *arg);
21		static int type_str(unsigned long value, void *arg);
22		static int cpy_asc(unsigned long value, void *arg);
23		static int cpy_bmp(unsigned long value, void *arg);
24		static int cpy_univ(unsigned long value, void *arg);
25		static int cpy_utf8(unsigned long value, void *arg);
26
27		/*
28		* These functions take a string in UTF8, ASCII or multibyte form and a mask
29		* of permissible ASN1 string types. It then works out the minimal type
30		* (using the order Numeric < Printable < IA5 < T61 < BMP < Universal < UTF8)
31		* and creates a string of the correct type with the supplied data. Yes this is
32		* horrible: it has to be :-( The 'ncopy' form checks minimum and maximum
33		* size limits too.
34		*/
35
36		int ASN1_mbstring_copy(ASN1_STRING *out, const unsigned char in, int len,
37		int inform, unsigned long mask)
38	399k	{
39	399k	return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
40	399k	}
41
42		int ASN1_mbstring_ncopy(ASN1_STRING *out, const unsigned char in, int len,
43		int inform, unsigned long mask,
44		long minsize, long maxsize)
45	399k	{
46	399k	int str_type;
47	399k	int ret;
48	399k	char free_out;
49	399k	int outform, outlen = 0;
50	399k	ASN1_STRING *dest;
51	399k	unsigned char *p;
52	399k	int nchar;
53	399k	int (cpyfunc) (unsigned long, void ) = NULL;
54	399k	if (len == -1)
55	0	len = strlen((const char *)in);
56	399k	if (!mask)
57	0	mask = DIRSTRING_TYPE;
58	399k	if (len < 0)
59	0	return -1;
60
61		/* First do a string check and work out the number of characters */
62	399k	switch (inform) {
63
64	231k	case MBSTRING_BMP:
65	231k	if (len & 1) {
66	0	ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_BMPSTRING_LENGTH);
67	0	return -1;
68	0	}
69	231k	nchar = len >> 1;
70	231k	break;
71
72	21.2k	case MBSTRING_UNIV:
73	21.2k	if (len & 3) {
74	0	ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
75	0	return -1;
76	0	}
77	21.2k	nchar = len >> 2;
78	21.2k	break;
79
80	9.24k	case MBSTRING_UTF8:
81	9.24k	nchar = 0;
82		/* This counts the characters and does utf8 syntax checking */
83	9.24k	ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
84	9.24k	if (ret < 0) {
85	614	ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING);
86	614	return -1;
87	614	}
88	8.62k	break;
89
90	137k	case MBSTRING_ASC:
91	137k	nchar = len;
92	137k	break;
93
94	0	default:
95	0	ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_FORMAT);
96	0	return -1;
97	399k	}
98
99	398k	if ((minsize > 0) && (nchar < minsize)) {
100	0	ERR_raise_data(ERR_LIB_ASN1, ASN1_R_STRING_TOO_SHORT,
101	0	"minsize=%ld", minsize);
102	0	return -1;
103	0	}
104
105	398k	if ((maxsize > 0) && (nchar > maxsize)) {
106	0	ERR_raise_data(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG,
107	0	"maxsize=%ld", maxsize);
108	0	return -1;
109	0	}
110
111		/* Now work out minimal type (if any) */
112	398k	if (traverse_string(in, len, inform, type_str, &mask) < 0) {
113	35	ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_CHARACTERS);
114	35	return -1;
115	35	}
116
117		/* Now work out output format and string type */
118	398k	outform = MBSTRING_ASC;
119	398k	if (mask & B_ASN1_NUMERICSTRING)
120	0	str_type = V_ASN1_NUMERICSTRING;
121	398k	else if (mask & B_ASN1_PRINTABLESTRING)
122	0	str_type = V_ASN1_PRINTABLESTRING;
123	398k	else if (mask & B_ASN1_IA5STRING)
124	0	str_type = V_ASN1_IA5STRING;
125	398k	else if (mask & B_ASN1_T61STRING)
126	0	str_type = V_ASN1_T61STRING;
127	398k	else if (mask & B_ASN1_BMPSTRING) {
128	0	str_type = V_ASN1_BMPSTRING;
129	0	outform = MBSTRING_BMP;
130	398k	} else if (mask & B_ASN1_UNIVERSALSTRING) {
131	0	str_type = V_ASN1_UNIVERSALSTRING;
132	0	outform = MBSTRING_UNIV;
133	398k	} else {
134	398k	str_type = V_ASN1_UTF8STRING;
135	398k	outform = MBSTRING_UTF8;
136	398k	}
137	398k	if (!out)
138	0	return str_type;
139	398k	if (*out) {
140	398k	free_out = 0;
141	398k	dest = *out;
142	398k	OPENSSL_free(dest->data);
143	398k	dest->data = NULL;
144	398k	dest->length = 0;
145	398k	dest->type = str_type;
146	398k	} else {
147	0	free_out = 1;
148	0	dest = ASN1_STRING_type_new(str_type);
149	0	if (dest == NULL) {
150	0	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
151	0	return -1;
152	0	}
153	0	*out = dest;
154	0	}
155		/* If both the same type just copy across */
156	398k	if (inform == outform) {
157	8.62k	if (!ASN1_STRING_set(dest, in, len)) {
158	0	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
159	0	return -1;
160	0	}
161	8.62k	return str_type;
162	8.62k	}
163
164		/* Work out how much space the destination will need */
165	390k	switch (outform) {
166	0	case MBSTRING_ASC:
167	0	outlen = nchar;
168	0	cpyfunc = cpy_asc;
169	0	break;
170
171	0	case MBSTRING_BMP:
172	0	outlen = nchar << 1;
173	0	cpyfunc = cpy_bmp;
174	0	break;
175
176	0	case MBSTRING_UNIV:
177	0	outlen = nchar << 2;
178	0	cpyfunc = cpy_univ;
179	0	break;
180
181	390k	case MBSTRING_UTF8:
182	390k	outlen = 0;
183	390k	traverse_string(in, len, inform, out_utf8, &outlen);
184	390k	cpyfunc = cpy_utf8;
185	390k	break;
186	390k	}
187	390k	if ((p = OPENSSL_malloc(outlen + 1)) == NULL) {
188	0	if (free_out)
189	0	ASN1_STRING_free(dest);
190	0	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
191	0	return -1;
192	0	}
193	390k	dest->length = outlen;
194	390k	dest->data = p;
195	390k	p[outlen] = 0;
196	390k	traverse_string(in, len, inform, cpyfunc, &p);
197	390k	return str_type;
198	390k	}
199
200		/*
201		* This function traverses a string and passes the value of each character to
202		* an optional function along with a void * argument.
203		*/
204
205		static int traverse_string(const unsigned char *p, int len, int inform,
206		int (rfunc) (unsigned long value, void in),
207		void *arg)
208	1.18M	{
209	1.18M	unsigned long value;
210	1.18M	int ret;
211	64.2M	while (len) {
212	63.0M	if (inform == MBSTRING_ASC) {
213	63.0M	value = *p++;
214	63.0M	len--;
215	63.0M	} else if (inform == MBSTRING_BMP) {
216	52.5k	value = *p++ << 8;
217	52.5k	value \|= *p++;
218	52.5k	len -= 2;
219	52.5k	} else if (inform == MBSTRING_UNIV) {
220	451	value = ((unsigned long)*p++) << 24;
221	451	value \|= ((unsigned long)*p++) << 16;
222	451	value \|= *p++ << 8;
223	451	value \|= *p++;
224	451	len -= 4;
225	18.6k	} else {
226	18.6k	ret = UTF8_getc(p, len, &value);
227	18.6k	if (ret < 0)
228	610	return -1;
229	18.0k	len -= ret;
230	18.0k	p += ret;
231	18.0k	}
232	63.0M	if (rfunc) {
233	63.0M	ret = rfunc(value, arg);
234	63.0M	if (ret <= 0)
235	39	return ret;
236	63.0M	}
237	63.0M	}
238	1.18M	return 1;
239	1.18M	}
240
241		/* Various utility functions for traverse_string */
242
243		/* Just count number of characters */
244
245		static int in_utf8(unsigned long value, void *arg)
246	9.38k	{
247	9.38k	int *nchar;
248
249	9.38k	if (!is_unicode_valid(value))
250	4	return -2;
251	9.37k	nchar = arg;
252	9.37k	(*nchar)++;
253	9.37k	return 1;
254	9.38k	}
255
256		/* Determine size of output as a UTF8 String */
257
258		static int out_utf8(unsigned long value, void *arg)
259	21.0M	{
260	21.0M	int *outlen, len;
261
262	21.0M	len = UTF8_putc(NULL, -1, value);
263	21.0M	if (len <= 0)
264	0	return len;
265	21.0M	outlen = arg;
266	21.0M	*outlen += len;
267	21.0M	return 1;
268	21.0M	}
269
270		/*
271		* Determine the "type" of a string: check each character against a supplied
272		* "mask".
273		*/
274
275		static int type_str(unsigned long value, void *arg)
276	21.0M	{
277	21.0M	unsigned long types = ((unsigned long )arg);
278	21.0M	const int native = value > INT_MAX ? INT_MAX : ossl_fromascii(value);
279
280	21.0M	if ((types & B_ASN1_NUMERICSTRING) && !(ossl_isdigit(native)
281	0	\|\| native == ' '))
282	0	types &= ~B_ASN1_NUMERICSTRING;
283	21.0M	if ((types & B_ASN1_PRINTABLESTRING) && !ossl_isasn1print(native))
284	0	types &= ~B_ASN1_PRINTABLESTRING;
285	21.0M	if ((types & B_ASN1_IA5STRING) && !ossl_isascii(native))
286	0	types &= ~B_ASN1_IA5STRING;
287	21.0M	if ((types & B_ASN1_T61STRING) && (value > 0xff))
288	0	types &= ~B_ASN1_T61STRING;
289	21.0M	if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
290	0	types &= ~B_ASN1_BMPSTRING;
291	21.0M	if ((types & B_ASN1_UTF8STRING) && !is_unicode_valid(value))
292	35	types &= ~B_ASN1_UTF8STRING;
293	21.0M	if (!types)
294	35	return -1;
295	21.0M	((unsigned long )arg) = types;
296	21.0M	return 1;
297	21.0M	}
298
299		/* Copy one byte per character ASCII like strings */
300
301		static int cpy_asc(unsigned long value, void *arg)
302	0	{
303	0	unsigned char *p, q;
304	0	p = arg;
305	0	q = *p;
306	0	*q = (unsigned char)value;
307	0	(*p)++;
308	0	return 1;
309	0	}
310
311		/* Copy two byte per character BMPStrings */
312
313		static int cpy_bmp(unsigned long value, void *arg)
314	0	{
315	0	unsigned char *p, q;
316	0	p = arg;
317	0	q = *p;
318	0	*q++ = (unsigned char)((value >> 8) & 0xff);
319	0	*q = (unsigned char)(value & 0xff);
320	0	*p += 2;
321	0	return 1;
322	0	}
323
324		/* Copy four byte per character UniversalStrings */
325
326		static int cpy_univ(unsigned long value, void *arg)
327	0	{
328	0	unsigned char *p, q;
329	0	p = arg;
330	0	q = *p;
331	0	*q++ = (unsigned char)((value >> 24) & 0xff);
332	0	*q++ = (unsigned char)((value >> 16) & 0xff);
333	0	*q++ = (unsigned char)((value >> 8) & 0xff);
334	0	*q = (unsigned char)(value & 0xff);
335	0	*p += 4;
336	0	return 1;
337	0	}
338
339		/* Copy to a UTF8String */
340
341		static int cpy_utf8(unsigned long value, void *arg)
342	21.0M	{
343	21.0M	unsigned char **p;
344	21.0M	int ret;
345	21.0M	p = arg;
346		/* We already know there is enough room so pass 0xff as the length */
347	21.0M	ret = UTF8_putc(*p, 0xff, value);
348	21.0M	*p += ret;
349	21.0M	return 1;
350	21.0M	}