/src/openssl/crypto/x509/x509_obj.c

Source
/*
 * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/buffer.h>
#include "crypto/x509.h"
#include "crypto/ctype.h"

/*
 * Limit to ensure we don't overflow: much greater than
 * anything encountered in practice.
 */

#define NAME_ONELINE_MAX    (1024 * 1024)

char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len)
{
    const X509_NAME_ENTRY *ne;
    int i;
    int n, lold, l, l1, l2, num, j, type;
    int prev_set = -1;
    const char *s;
    char *p;
    unsigned char *q;
    BUF_MEM *b = NULL;
    int gs_doit[4];
    char tmp_buf[80];
#ifdef CHARSET_EBCDIC
    unsigned char ebcdic_buf[1024];
#endif

    if (buf == NULL) {
        if ((b = BUF_MEM_new()) == NULL)
            goto buferr;
        if (!BUF_MEM_grow(b, 200))
            goto buferr;
        b->data[0] = '\0';
        len = 200;
    } else if (len == 0) {
        return NULL;
    }
    if (a == NULL) {
        if (b) {
            buf = b->data;
            OPENSSL_free(b);
        }
        strncpy(buf, "NO X509_NAME", len);
        buf[len - 1] = '\0';
        return buf;
    }

    len--;                      /* space for '\0' */
    l = 0;
    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
        ne = sk_X509_NAME_ENTRY_value(a->entries, i);
        n = OBJ_obj2nid(ne->object);
        if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
            i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
            s = tmp_buf;
        }
        l1 = (int)strlen(s);

        type = ne->value->type;
        num = ne->value->length;
        if (num > NAME_ONELINE_MAX) {
            ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
            goto end;
        }
        q = ne->value->data;
#ifdef CHARSET_EBCDIC
        if (type == V_ASN1_GENERALSTRING ||
            type == V_ASN1_VISIBLESTRING ||
            type == V_ASN1_PRINTABLESTRING ||
            type == V_ASN1_TELETEXSTRING ||
            type == V_ASN1_IA5STRING) {
            if (num > (int)sizeof(ebcdic_buf))
                num = sizeof(ebcdic_buf);
            ascii2ebcdic(ebcdic_buf, q, num);
            q = ebcdic_buf;
        }
#endif

        if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
            for (j = 0; j < num; j++)
                if (q[j] != 0)
                    gs_doit[j & 3] = 1;

            if (gs_doit[0] | gs_doit[1] | gs_doit[2])
                gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
            else {
                gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
                gs_doit[3] = 1;
            }
        } else
            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;

        for (l2 = j = 0; j < num; j++) {
            if (!gs_doit[j & 3])
                continue;
            l2++;
            if (q[j] == '/' || q[j] == '+')
                l2++; /* char needs to be escaped */
            else if ((ossl_toascii(q[j]) < ossl_toascii(' ')) ||
                     (ossl_toascii(q[j]) > ossl_toascii('~')))
                l2 += 3;
        }

        lold = l;
        l += 1 + l1 + 1 + l2;
        if (l > NAME_ONELINE_MAX) {
            ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
            goto end;
        }
        if (b != NULL) {
            if (!BUF_MEM_grow(b, l + 1))
                goto buferr;
            p = &(b->data[lold]);
        } else if (l > len) {
            break;
        } else
            p = &(buf[lold]);
        *(p++) = prev_set == ne->set ? '+' : '/';
        memcpy(p, s, (unsigned int)l1);
        p += l1;
        *(p++) = '=';

#ifndef CHARSET_EBCDIC          /* q was assigned above already. */
        q = ne->value->data;
#endif

        for (j = 0; j < num; j++) {
            if (!gs_doit[j & 3])
                continue;
#ifndef CHARSET_EBCDIC
            n = q[j];
            if ((n < ' ') || (n > '~')) {
                *(p++) = '\\';
                *(p++) = 'x';
                p += ossl_to_hex(p, n);
            } else {
                if (n == '/' || n == '+')
                    *(p++) = '\\';
                *(p++) = n;
            }
#else
            n = os_toascii[q[j]];
            if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
                *(p++) = '\\';
                *(p++) = 'x';
                p += ossl_to_hex(p, n);
            } else {
                if (n == os_toascii['/'] || n == os_toascii['+'])
                    *(p++) = '\\';
                *(p++) = q[j];
            }
#endif
        }
        *p = '\0';
        prev_set = ne->set;
    }
    if (b != NULL) {
        p = b->data;
        OPENSSL_free(b);
    } else
        p = buf;
    if (i == 0)
        *p = '\0';
    return p;
 buferr:
    ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB);
 end:
    BUF_MEM_free(b);
    return NULL;
}

Line	Count	Source
1		/*
2		* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "internal/cryptlib.h"
12		#include <openssl/objects.h>
13		#include <openssl/x509.h>
14		#include <openssl/buffer.h>
15		#include "crypto/x509.h"
16		#include "crypto/ctype.h"
17
18		/*
19		* Limit to ensure we don't overflow: much greater than
20		* anything encountered in practice.
21		*/
22
23	0	#define NAME_ONELINE_MAX (1024 * 1024)
24
25		char X509_NAME_oneline(const X509_NAME a, char *buf, int len)
26	0	{
27	0	const X509_NAME_ENTRY *ne;
28	0	int i;
29	0	int n, lold, l, l1, l2, num, j, type;
30	0	int prev_set = -1;
31	0	const char *s;
32	0	char *p;
33	0	unsigned char *q;
34	0	BUF_MEM *b = NULL;
35	0	int gs_doit[4];
36	0	char tmp_buf[80];
37		#ifdef CHARSET_EBCDIC
38		unsigned char ebcdic_buf[1024];
39		#endif
40
41	0	if (buf == NULL) {
42	0	if ((b = BUF_MEM_new()) == NULL)
43	0	goto buferr;
44	0	if (!BUF_MEM_grow(b, 200))
45	0	goto buferr;
46	0	b->data[0] = '\0';
47	0	len = 200;
48	0	} else if (len == 0) {
49	0	return NULL;
50	0	}
51	0	if (a == NULL) {
52	0	if (b) {
53	0	buf = b->data;
54	0	OPENSSL_free(b);
55	0	}
56	0	strncpy(buf, "NO X509_NAME", len);
57	0	buf[len - 1] = '\0';
58	0	return buf;
59	0	}
60
61	0	len--; /* space for '\0' */
62	0	l = 0;
63	0	for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
64	0	ne = sk_X509_NAME_ENTRY_value(a->entries, i);
65	0	n = OBJ_obj2nid(ne->object);
66	0	if ((n == NID_undef) \|\| ((s = OBJ_nid2sn(n)) == NULL)) {
67	0	i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
68	0	s = tmp_buf;
69	0	}
70	0	l1 = (int)strlen(s);
71
72	0	type = ne->value->type;
73	0	num = ne->value->length;
74	0	if (num > NAME_ONELINE_MAX) {
75	0	ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
76	0	goto end;
77	0	}
78	0	q = ne->value->data;
79		#ifdef CHARSET_EBCDIC
80		if (type == V_ASN1_GENERALSTRING \|\|
81		type == V_ASN1_VISIBLESTRING \|\|
82		type == V_ASN1_PRINTABLESTRING \|\|
83		type == V_ASN1_TELETEXSTRING \|\|
84		type == V_ASN1_IA5STRING) {
85		if (num > (int)sizeof(ebcdic_buf))
86		num = sizeof(ebcdic_buf);
87		ascii2ebcdic(ebcdic_buf, q, num);
88		q = ebcdic_buf;
89		}
90		#endif
91
92	0	if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
93	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
94	0	for (j = 0; j < num; j++)
95	0	if (q[j] != 0)
96	0	gs_doit[j & 3] = 1;
97
98	0	if (gs_doit[0] \| gs_doit[1] \| gs_doit[2])
99	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
100	0	else {
101	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
102	0	gs_doit[3] = 1;
103	0	}
104	0	} else
105	0	gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
106
107	0	for (l2 = j = 0; j < num; j++) {
108	0	if (!gs_doit[j & 3])
109	0	continue;
110	0	l2++;
111	0	if (q[j] == '/' \|\| q[j] == '+')
112	0	l2++; /* char needs to be escaped */
113	0	else if ((ossl_toascii(q[j]) < ossl_toascii(' ')) \|\|
114	0	(ossl_toascii(q[j]) > ossl_toascii('~')))
115	0	l2 += 3;
116	0	}
117
118	0	lold = l;
119	0	l += 1 + l1 + 1 + l2;
120	0	if (l > NAME_ONELINE_MAX) {
121	0	ERR_raise(ERR_LIB_X509, X509_R_NAME_TOO_LONG);
122	0	goto end;
123	0	}
124	0	if (b != NULL) {
125	0	if (!BUF_MEM_grow(b, l + 1))
126	0	goto buferr;
127	0	p = &(b->data[lold]);
128	0	} else if (l > len) {
129	0	break;
130	0	} else
131	0	p = &(buf[lold]);
132	0	*(p++) = prev_set == ne->set ? '+' : '/';
133	0	memcpy(p, s, (unsigned int)l1);
134	0	p += l1;
135	0	*(p++) = '=';
136
137	0	#ifndef CHARSET_EBCDIC /* q was assigned above already. */
138	0	q = ne->value->data;
139	0	#endif
140
141	0	for (j = 0; j < num; j++) {
142	0	if (!gs_doit[j & 3])
143	0	continue;
144	0	#ifndef CHARSET_EBCDIC
145	0	n = q[j];
146	0	if ((n < ' ') \|\| (n > '~')) {
147	0	*(p++) = '\\';
148	0	*(p++) = 'x';
149	0	p += ossl_to_hex(p, n);
150	0	} else {
151	0	if (n == '/' \|\| n == '+')
152	0	*(p++) = '\\';
153	0	*(p++) = n;
154	0	}
155		#else
156		n = os_toascii[q[j]];
157		if ((n < os_toascii[' ']) \|\| (n > os_toascii['~'])) {
158		*(p++) = '\\';
159		*(p++) = 'x';
160		p += ossl_to_hex(p, n);
161		} else {
162		if (n == os_toascii['/'] \|\| n == os_toascii['+'])
163		*(p++) = '\\';
164		*(p++) = q[j];
165		}
166		#endif
167	0	}
168	0	*p = '\0';
169	0	prev_set = ne->set;
170	0	}
171	0	if (b != NULL) {
172	0	p = b->data;
173	0	OPENSSL_free(b);
174	0	} else
175	0	p = buf;
176	0	if (i == 0)
177	0	*p = '\0';
178	0	return p;
179	0	buferr:
180	0	ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB);
181	0	end:
182	0	BUF_MEM_free(b);
183		return NULL;
184	0	}

Coverage Report

Created: 2025-10-28 06:56