/src/openssl30/crypto/x509/x_name.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include "crypto/ctype.h" |
12 | | #include "internal/cryptlib.h" |
13 | | #include <openssl/asn1t.h> |
14 | | #include <openssl/x509.h> |
15 | | #include "crypto/x509.h" |
16 | | #include "crypto/asn1.h" |
17 | | #include "x509_local.h" |
18 | | |
19 | | /* |
20 | | * Maximum length of X509_NAME: much larger than anything we should |
21 | | * ever see in practice. |
22 | | */ |
23 | | |
24 | 1.19M | #define X509_NAME_MAX (1024 * 1024) |
25 | | |
26 | | static int x509_name_ex_d2i(ASN1_VALUE **val, |
27 | | const unsigned char **in, long len, |
28 | | const ASN1_ITEM *it, |
29 | | int tag, int aclass, char opt, ASN1_TLC *ctx); |
30 | | |
31 | | static int x509_name_ex_i2d(const ASN1_VALUE **val, unsigned char **out, |
32 | | const ASN1_ITEM *it, int tag, int aclass); |
33 | | static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it); |
34 | | static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it); |
35 | | |
36 | | static int x509_name_encode(X509_NAME *a); |
37 | | static int x509_name_canon(X509_NAME *a); |
38 | | static int asn1_string_canon(ASN1_STRING *out, const ASN1_STRING *in); |
39 | | static int i2d_name_canon(const STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname, |
40 | | unsigned char **in); |
41 | | |
42 | | static int x509_name_ex_print(BIO *out, const ASN1_VALUE **pval, |
43 | | int indent, |
44 | | const char *fname, const ASN1_PCTX *pctx); |
45 | | |
46 | | ASN1_SEQUENCE(X509_NAME_ENTRY) = { |
47 | | ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT), |
48 | | ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE) |
49 | | } ASN1_SEQUENCE_END(X509_NAME_ENTRY) |
50 | | |
51 | | IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY) |
52 | | IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME_ENTRY) |
53 | | |
54 | | /* |
55 | | * For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } so |
56 | | * declare two template wrappers for this |
57 | | */ |
58 | | |
59 | | ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) = |
60 | | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY) |
61 | | static_ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES) |
62 | | |
63 | | ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) = |
64 | | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES) |
65 | | static_ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL) |
66 | | |
67 | | /* |
68 | | * Normally that's where it would end: we'd have two nested STACK structures |
69 | | * representing the ASN1. Unfortunately X509_NAME uses a completely different |
70 | | * form and caches encodings so we have to process the internal form and |
71 | | * convert to the external form. |
72 | | */ |
73 | | |
74 | | static const ASN1_EXTERN_FUNCS x509_name_ff = { |
75 | | NULL, |
76 | | x509_name_ex_new, |
77 | | x509_name_ex_free, |
78 | | 0, /* Default clear behaviour is OK */ |
79 | | x509_name_ex_d2i, |
80 | | x509_name_ex_i2d, |
81 | | x509_name_ex_print |
82 | | }; |
83 | | |
84 | | IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff) |
85 | | |
86 | | IMPLEMENT_ASN1_FUNCTIONS(X509_NAME) |
87 | | |
88 | | IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME) |
89 | | |
90 | | static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) |
91 | 1.57M | { |
92 | 1.57M | X509_NAME *ret = OPENSSL_zalloc(sizeof(*ret)); |
93 | | |
94 | 1.57M | if (ret == NULL) |
95 | 0 | goto memerr; |
96 | 1.57M | if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL) |
97 | 0 | goto memerr; |
98 | 1.57M | if ((ret->bytes = BUF_MEM_new()) == NULL) |
99 | 0 | goto memerr; |
100 | 1.57M | ret->modified = 1; |
101 | 1.57M | *val = (ASN1_VALUE *)ret; |
102 | 1.57M | return 1; |
103 | | |
104 | 0 | memerr: |
105 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
106 | 0 | if (ret) { |
107 | 0 | sk_X509_NAME_ENTRY_free(ret->entries); |
108 | 0 | OPENSSL_free(ret); |
109 | 0 | } |
110 | 0 | return 0; |
111 | 1.57M | } |
112 | | |
113 | | static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) |
114 | 1.69M | { |
115 | 1.69M | X509_NAME *a; |
116 | | |
117 | 1.69M | if (pval == NULL || *pval == NULL) |
118 | 0 | return; |
119 | 1.69M | a = (X509_NAME *)*pval; |
120 | | |
121 | 1.69M | BUF_MEM_free(a->bytes); |
122 | 1.69M | sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free); |
123 | 1.69M | OPENSSL_free(a->canon_enc); |
124 | 1.69M | OPENSSL_free(a); |
125 | 1.69M | *pval = NULL; |
126 | 1.69M | } |
127 | | |
128 | | static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne) |
129 | 40.6M | { |
130 | 40.6M | sk_X509_NAME_ENTRY_free(ne); |
131 | 40.6M | } |
132 | | |
133 | | static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne) |
134 | 7.90M | { |
135 | 7.90M | sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free); |
136 | 7.90M | } |
137 | | |
138 | | static int x509_name_ex_d2i(ASN1_VALUE **val, |
139 | | const unsigned char **in, long len, |
140 | | const ASN1_ITEM *it, int tag, int aclass, |
141 | | char opt, ASN1_TLC *ctx) |
142 | 1.19M | { |
143 | 1.19M | const unsigned char *p = *in, *q; |
144 | 1.19M | union { |
145 | 1.19M | STACK_OF(STACK_OF_X509_NAME_ENTRY) *s; |
146 | 1.19M | ASN1_VALUE *a; |
147 | 1.19M | } intname = { |
148 | 1.19M | NULL |
149 | 1.19M | }; |
150 | 1.19M | union { |
151 | 1.19M | X509_NAME *x; |
152 | 1.19M | ASN1_VALUE *a; |
153 | 1.19M | } nm = { |
154 | 1.19M | NULL |
155 | 1.19M | }; |
156 | 1.19M | int i, j, ret; |
157 | 1.19M | STACK_OF(X509_NAME_ENTRY) *entries; |
158 | 1.19M | X509_NAME_ENTRY *entry; |
159 | | |
160 | 1.19M | if (len > X509_NAME_MAX) |
161 | 0 | len = X509_NAME_MAX; |
162 | 1.19M | q = p; |
163 | | |
164 | | /* Get internal representation of Name */ |
165 | 1.19M | ret = ASN1_item_ex_d2i(&intname.a, |
166 | 1.19M | &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL), |
167 | 1.19M | tag, aclass, opt, ctx); |
168 | | |
169 | 1.19M | if (ret <= 0) |
170 | 156k | return ret; |
171 | | |
172 | 1.03M | if (*val) |
173 | 914k | x509_name_ex_free(val, NULL); |
174 | 1.03M | if (!x509_name_ex_new(&nm.a, NULL)) |
175 | 0 | goto err; |
176 | | /* We've decoded it: now cache encoding */ |
177 | 1.03M | if (!BUF_MEM_grow(nm.x->bytes, p - q)) |
178 | 0 | goto err; |
179 | 1.03M | memcpy(nm.x->bytes->data, q, p - q); |
180 | | |
181 | | /* Convert internal representation to X509_NAME structure */ |
182 | 47.5M | for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) { |
183 | 46.4M | entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i); |
184 | 53.4M | for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) { |
185 | 7.00M | entry = sk_X509_NAME_ENTRY_value(entries, j); |
186 | 7.00M | entry->set = i; |
187 | 7.00M | if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry)) |
188 | 0 | goto err; |
189 | 7.00M | (void)sk_X509_NAME_ENTRY_set(entries, j, NULL); |
190 | 7.00M | } |
191 | 46.4M | } |
192 | 1.03M | ret = x509_name_canon(nm.x); |
193 | 1.03M | if (!ret) |
194 | 27.5k | goto err; |
195 | 1.01M | sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, |
196 | 1.01M | local_sk_X509_NAME_ENTRY_free); |
197 | 1.01M | nm.x->modified = 0; |
198 | 1.01M | *val = nm.a; |
199 | 1.01M | *in = p; |
200 | 1.01M | return ret; |
201 | | |
202 | 27.5k | err: |
203 | 27.5k | if (nm.x != NULL) |
204 | 27.5k | X509_NAME_free(nm.x); |
205 | 27.5k | sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, |
206 | 27.5k | local_sk_X509_NAME_ENTRY_pop_free); |
207 | 27.5k | ERR_raise(ERR_LIB_ASN1, ERR_R_NESTED_ASN1_ERROR); |
208 | 27.5k | return 0; |
209 | 1.03M | } |
210 | | |
211 | | static int x509_name_ex_i2d(const ASN1_VALUE **val, unsigned char **out, |
212 | | const ASN1_ITEM *it, int tag, int aclass) |
213 | 298k | { |
214 | 298k | int ret; |
215 | 298k | X509_NAME *a = (X509_NAME *)*val; |
216 | | |
217 | 298k | if (a->modified) { |
218 | 22.8k | ret = x509_name_encode(a); |
219 | 22.8k | if (ret < 0) |
220 | 0 | return ret; |
221 | 22.8k | ret = x509_name_canon(a); |
222 | 22.8k | if (!ret) |
223 | 6.78k | return -1; |
224 | 22.8k | } |
225 | 291k | ret = a->bytes->length; |
226 | 291k | if (out != NULL) { |
227 | 63.7k | memcpy(*out, a->bytes->data, ret); |
228 | 63.7k | *out += ret; |
229 | 63.7k | } |
230 | 291k | return ret; |
231 | 298k | } |
232 | | |
233 | | static int x509_name_encode(X509_NAME *a) |
234 | 13.5k | { |
235 | 13.5k | union { |
236 | 13.5k | STACK_OF(STACK_OF_X509_NAME_ENTRY) *s; |
237 | 13.5k | const ASN1_VALUE *a; |
238 | 13.5k | } intname = { |
239 | 13.5k | NULL |
240 | 13.5k | }; |
241 | 13.5k | int len; |
242 | 13.5k | unsigned char *p; |
243 | 13.5k | STACK_OF(X509_NAME_ENTRY) *entries = NULL; |
244 | 13.5k | X509_NAME_ENTRY *entry; |
245 | 13.5k | int i, set = -1; |
246 | | |
247 | 13.5k | intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null(); |
248 | 13.5k | if (!intname.s) |
249 | 0 | goto memerr; |
250 | 1.88M | for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { |
251 | 1.87M | entry = sk_X509_NAME_ENTRY_value(a->entries, i); |
252 | 1.87M | if (entry->set != set) { |
253 | 275k | entries = sk_X509_NAME_ENTRY_new_null(); |
254 | 275k | if (!entries) |
255 | 0 | goto memerr; |
256 | 275k | if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) { |
257 | 0 | sk_X509_NAME_ENTRY_free(entries); |
258 | 0 | goto memerr; |
259 | 0 | } |
260 | 275k | set = entry->set; |
261 | 275k | } |
262 | 1.87M | if (!sk_X509_NAME_ENTRY_push(entries, entry)) |
263 | 0 | goto memerr; |
264 | 1.87M | } |
265 | 13.5k | len = ASN1_item_ex_i2d(&intname.a, NULL, |
266 | 13.5k | ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); |
267 | 13.5k | if (!BUF_MEM_grow(a->bytes, len)) |
268 | 0 | goto memerr; |
269 | 13.5k | p = (unsigned char *)a->bytes->data; |
270 | 13.5k | ASN1_item_ex_i2d(&intname.a, |
271 | 13.5k | &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); |
272 | 13.5k | sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, |
273 | 13.5k | local_sk_X509_NAME_ENTRY_free); |
274 | 13.5k | a->modified = 0; |
275 | 13.5k | return len; |
276 | 0 | memerr: |
277 | 0 | sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, |
278 | 0 | local_sk_X509_NAME_ENTRY_free); |
279 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
280 | 0 | return -1; |
281 | 13.5k | } |
282 | | |
283 | | static int x509_name_ex_print(BIO *out, const ASN1_VALUE **pval, |
284 | | int indent, |
285 | | const char *fname, const ASN1_PCTX *pctx) |
286 | 18.3k | { |
287 | 18.3k | if (X509_NAME_print_ex(out, (const X509_NAME *)*pval, |
288 | 18.3k | indent, pctx->nm_flags) <= 0) |
289 | 163 | return 0; |
290 | 18.1k | return 2; |
291 | 18.3k | } |
292 | | |
293 | | /* |
294 | | * This function generates the canonical encoding of the Name structure. In |
295 | | * it all strings are converted to UTF8, leading, trailing and multiple |
296 | | * spaces collapsed, converted to lower case and the leading SEQUENCE header |
297 | | * removed. In future we could also normalize the UTF8 too. By doing this |
298 | | * comparison of Name structures can be rapidly performed by just using |
299 | | * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name |
300 | | * constraints of type dirName can also be checked with a simple memcmp(). |
301 | | * NOTE: For empty X509_NAME (NULL-DN), canon_enclen == 0 && canon_enc == NULL |
302 | | */ |
303 | | |
304 | | static int x509_name_canon(X509_NAME *a) |
305 | 1.06M | { |
306 | 1.06M | unsigned char *p; |
307 | 1.06M | STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname; |
308 | 1.06M | STACK_OF(X509_NAME_ENTRY) *entries = NULL; |
309 | 1.06M | X509_NAME_ENTRY *entry, *tmpentry = NULL; |
310 | 1.06M | int i, set = -1, ret = 0, len; |
311 | | |
312 | 1.06M | OPENSSL_free(a->canon_enc); |
313 | 1.06M | a->canon_enc = NULL; |
314 | | /* Special case: empty X509_NAME => null encoding */ |
315 | 1.06M | if (sk_X509_NAME_ENTRY_num(a->entries) == 0) { |
316 | 831k | a->canon_enclen = 0; |
317 | 831k | return 1; |
318 | 831k | } |
319 | 230k | intname = sk_STACK_OF_X509_NAME_ENTRY_new_null(); |
320 | 230k | if (intname == NULL) { |
321 | 0 | ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); |
322 | 0 | goto err; |
323 | 0 | } |
324 | 9.87M | for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { |
325 | 9.67M | entry = sk_X509_NAME_ENTRY_value(a->entries, i); |
326 | 9.67M | if (entry->set != set) { |
327 | 1.70M | entries = sk_X509_NAME_ENTRY_new_null(); |
328 | 1.70M | if (entries == NULL) |
329 | 0 | goto err; |
330 | 1.70M | if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) { |
331 | 0 | sk_X509_NAME_ENTRY_free(entries); |
332 | 0 | ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); |
333 | 0 | goto err; |
334 | 0 | } |
335 | 1.70M | set = entry->set; |
336 | 1.70M | } |
337 | 9.67M | tmpentry = X509_NAME_ENTRY_new(); |
338 | 9.67M | if (tmpentry == NULL) { |
339 | 0 | ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); |
340 | 0 | goto err; |
341 | 0 | } |
342 | 9.67M | tmpentry->object = OBJ_dup(entry->object); |
343 | 9.67M | if (tmpentry->object == NULL) { |
344 | 0 | ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); |
345 | 0 | goto err; |
346 | 0 | } |
347 | 9.67M | if (!asn1_string_canon(tmpentry->value, entry->value)) |
348 | 34.3k | goto err; |
349 | 9.64M | if (!sk_X509_NAME_ENTRY_push(entries, tmpentry)) { |
350 | 0 | ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); |
351 | 0 | goto err; |
352 | 0 | } |
353 | 9.64M | tmpentry = NULL; |
354 | 9.64M | } |
355 | | |
356 | | /* Finally generate encoding */ |
357 | 196k | len = i2d_name_canon(intname, NULL); |
358 | 196k | if (len < 0) |
359 | 0 | goto err; |
360 | 196k | a->canon_enclen = len; |
361 | | |
362 | 196k | p = OPENSSL_malloc(a->canon_enclen); |
363 | 196k | if (p == NULL) { |
364 | 0 | ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE); |
365 | 0 | goto err; |
366 | 0 | } |
367 | | |
368 | 196k | a->canon_enc = p; |
369 | | |
370 | 196k | i2d_name_canon(intname, &p); |
371 | | |
372 | 196k | ret = 1; |
373 | | |
374 | 230k | err: |
375 | 230k | X509_NAME_ENTRY_free(tmpentry); |
376 | 230k | sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname, |
377 | 230k | local_sk_X509_NAME_ENTRY_pop_free); |
378 | 230k | return ret; |
379 | 196k | } |
380 | | |
381 | | /* Bitmap of all the types of string that will be canonicalized. */ |
382 | | |
383 | | #define ASN1_MASK_CANON \ |
384 | 9.67M | (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \ |
385 | 9.67M | | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \ |
386 | 9.67M | | B_ASN1_VISIBLESTRING) |
387 | | |
388 | | static int asn1_string_canon(ASN1_STRING *out, const ASN1_STRING *in) |
389 | 9.67M | { |
390 | 9.67M | unsigned char *to, *from; |
391 | 9.67M | int len, i; |
392 | | |
393 | | /* If type not in bitmask just copy string across */ |
394 | 9.67M | if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) { |
395 | 4.60M | if (!ASN1_STRING_copy(out, in)) |
396 | 0 | return 0; |
397 | 4.60M | return 1; |
398 | 4.60M | } |
399 | | |
400 | 5.07M | out->type = V_ASN1_UTF8STRING; |
401 | 5.07M | out->length = ASN1_STRING_to_UTF8(&out->data, in); |
402 | 5.07M | if (out->length == -1) |
403 | 34.3k | return 0; |
404 | | |
405 | 5.03M | to = out->data; |
406 | 5.03M | from = to; |
407 | | |
408 | 5.03M | len = out->length; |
409 | | |
410 | | /* |
411 | | * Convert string in place to canonical form. Ultimately we may need to |
412 | | * handle a wider range of characters but for now ignore anything with |
413 | | * MSB set and rely on the ossl_isspace() to fail on bad characters without |
414 | | * needing isascii or range checks as well. |
415 | | */ |
416 | | |
417 | | /* Ignore leading spaces */ |
418 | 5.05M | while (len > 0 && ossl_isspace(*from)) { |
419 | 12.6k | from++; |
420 | 12.6k | len--; |
421 | 12.6k | } |
422 | | |
423 | 5.03M | to = from + len; |
424 | | |
425 | | /* Ignore trailing spaces */ |
426 | 5.05M | while (len > 0 && ossl_isspace(to[-1])) { |
427 | 11.3k | to--; |
428 | 11.3k | len--; |
429 | 11.3k | } |
430 | | |
431 | 5.03M | to = out->data; |
432 | | |
433 | 5.03M | i = 0; |
434 | 292M | while (i < len) { |
435 | | /* If not ASCII set just copy across */ |
436 | 287M | if (!ossl_isascii(*from)) { |
437 | 274M | *to++ = *from++; |
438 | 274M | i++; |
439 | 274M | } |
440 | | /* Collapse multiple spaces */ |
441 | 12.3M | else if (ossl_isspace(*from)) { |
442 | | /* Copy one space across */ |
443 | 440k | *to++ = ' '; |
444 | | /* |
445 | | * Ignore subsequent spaces. Note: don't need to check len here |
446 | | * because we know the last character is a non-space so we can't |
447 | | * overflow. |
448 | | */ |
449 | 718k | do { |
450 | 718k | from++; |
451 | 718k | i++; |
452 | 718k | } |
453 | 718k | while (ossl_isspace(*from)); |
454 | 11.8M | } else { |
455 | 11.8M | *to++ = ossl_tolower(*from); |
456 | 11.8M | from++; |
457 | 11.8M | i++; |
458 | 11.8M | } |
459 | 287M | } |
460 | | |
461 | 5.03M | out->length = to - out->data; |
462 | | |
463 | 5.03M | return 1; |
464 | | |
465 | 5.07M | } |
466 | | |
467 | | static int i2d_name_canon(const STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname, |
468 | | unsigned char **in) |
469 | 392k | { |
470 | 392k | int i, len, ltmp; |
471 | 392k | const ASN1_VALUE *v; |
472 | 392k | STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname; |
473 | | |
474 | 392k | len = 0; |
475 | 3.67M | for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) { |
476 | 3.28M | v = sk_ASN1_VALUE_value(intname, i); |
477 | 3.28M | ltmp = ASN1_item_ex_i2d(&v, in, |
478 | 3.28M | ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1); |
479 | 3.28M | if (ltmp < 0) |
480 | 0 | return ltmp; |
481 | 3.28M | len += ltmp; |
482 | 3.28M | } |
483 | 392k | return len; |
484 | 392k | } |
485 | | |
486 | | int X509_NAME_set(X509_NAME **xn, const X509_NAME *name) |
487 | 18.2k | { |
488 | 18.2k | X509_NAME *name_copy; |
489 | | |
490 | 18.2k | if (*xn == name) |
491 | 0 | return *xn != NULL; |
492 | 18.2k | if ((name_copy = X509_NAME_dup(name)) == NULL) |
493 | 0 | return 0; |
494 | 18.2k | X509_NAME_free(*xn); |
495 | 18.2k | *xn = name_copy; |
496 | 18.2k | return 1; |
497 | 18.2k | } |
498 | | |
499 | | int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase) |
500 | 52.6k | { |
501 | 52.6k | char *s, *c, *b; |
502 | 52.6k | int i; |
503 | | |
504 | 52.6k | b = X509_NAME_oneline(name, NULL, 0); |
505 | 52.6k | if (b == NULL) |
506 | 227 | return 0; |
507 | 52.3k | if (*b == '\0') { |
508 | 40.2k | OPENSSL_free(b); |
509 | 40.2k | return 1; |
510 | 40.2k | } |
511 | 12.0k | s = b + 1; /* skip the first slash */ |
512 | | |
513 | 12.0k | c = s; |
514 | 391M | for (;;) { |
515 | 391M | if (((*s == '/') && |
516 | 391M | (ossl_isupper(s[1]) && ((s[2] == '=') || |
517 | 150k | (ossl_isupper(s[2]) && (s[3] == '=')) |
518 | 391M | ))) || (*s == '\0')) |
519 | 42.7k | { |
520 | 42.7k | i = s - c; |
521 | 42.7k | if (BIO_write(bp, c, i) != i) |
522 | 0 | goto err; |
523 | 42.7k | c = s + 1; /* skip following slash */ |
524 | 42.7k | if (*s != '\0') { |
525 | 30.6k | if (BIO_write(bp, ", ", 2) != 2) |
526 | 0 | goto err; |
527 | 30.6k | } |
528 | 42.7k | } |
529 | 391M | if (*s == '\0') |
530 | 12.0k | break; |
531 | 391M | s++; |
532 | 391M | } |
533 | | |
534 | 12.0k | OPENSSL_free(b); |
535 | 12.0k | return 1; |
536 | 0 | err: |
537 | 0 | ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB); |
538 | 0 | OPENSSL_free(b); |
539 | 0 | return 0; |
540 | 12.0k | } |
541 | | |
542 | | int X509_NAME_get0_der(const X509_NAME *nm, const unsigned char **pder, |
543 | | size_t *pderlen) |
544 | 0 | { |
545 | | /* Make sure encoding is valid */ |
546 | 0 | if (i2d_X509_NAME(nm, NULL) <= 0) |
547 | 0 | return 0; |
548 | 0 | if (pder != NULL) |
549 | 0 | *pder = (unsigned char *)nm->bytes->data; |
550 | 0 | if (pderlen != NULL) |
551 | 0 | *pderlen = nm->bytes->length; |
552 | 0 | return 1; |
553 | 0 | } |