/src/openssl/crypto/pkcs12/p12_utl.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include "internal/cryptlib.h" |
12 | | #include <openssl/pkcs12.h> |
13 | | #include "p12_local.h" |
14 | | #include "crypto/pkcs7/pk7_local.h" |
15 | | #include <crypto/asn1.h> |
16 | | |
17 | | /* Cheap and nasty Unicode stuff */ |
18 | | |
19 | | unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, |
20 | | unsigned char **uni, int *unilen) |
21 | 0 | { |
22 | 0 | int ulen, i; |
23 | 0 | unsigned char *unitmp; |
24 | |
|
25 | 0 | if (asclen == -1) |
26 | 0 | asclen = (int)strlen(asc); |
27 | 0 | if (asclen < 0) |
28 | 0 | return NULL; |
29 | 0 | ulen = asclen * 2 + 2; |
30 | 0 | if ((unitmp = OPENSSL_malloc(ulen)) == NULL) |
31 | 0 | return NULL; |
32 | 0 | for (i = 0; i < ulen - 2; i += 2) { |
33 | 0 | unitmp[i] = 0; |
34 | 0 | unitmp[i + 1] = asc[i >> 1]; |
35 | 0 | } |
36 | | /* Make result double null terminated */ |
37 | 0 | unitmp[ulen - 2] = 0; |
38 | 0 | unitmp[ulen - 1] = 0; |
39 | 0 | if (unilen) |
40 | 0 | *unilen = ulen; |
41 | 0 | if (uni) |
42 | 0 | *uni = unitmp; |
43 | 0 | return unitmp; |
44 | 0 | } |
45 | | |
46 | | char *OPENSSL_uni2asc(const unsigned char *uni, int unilen) |
47 | 0 | { |
48 | 0 | int asclen, i; |
49 | 0 | char *asctmp; |
50 | | |
51 | | /* string must contain an even number of bytes */ |
52 | 0 | if (unilen & 1) |
53 | 0 | return NULL; |
54 | 0 | if (unilen < 0) |
55 | 0 | return NULL; |
56 | 0 | asclen = unilen / 2; |
57 | | /* If no terminating zero allow for one */ |
58 | 0 | if (!unilen || uni[unilen - 1]) |
59 | 0 | asclen++; |
60 | 0 | uni++; |
61 | 0 | if ((asctmp = OPENSSL_malloc(asclen)) == NULL) |
62 | 0 | return NULL; |
63 | 0 | for (i = 0; i < unilen; i += 2) |
64 | 0 | asctmp[i >> 1] = uni[i]; |
65 | 0 | asctmp[asclen - 1] = 0; |
66 | 0 | return asctmp; |
67 | 0 | } |
68 | | |
69 | | /* |
70 | | * OPENSSL_{utf82uni|uni2utf8} perform conversion between UTF-8 and |
71 | | * PKCS#12 BMPString format, which is specified as big-endian UTF-16. |
72 | | * One should keep in mind that even though BMPString is passed as |
73 | | * unsigned char *, it's not the kind of string you can exercise e.g. |
74 | | * strlen on. Caller also has to keep in mind that its length is |
75 | | * expressed not in number of UTF-16 characters, but in number of |
76 | | * bytes the string occupies, and treat it, the length, accordingly. |
77 | | */ |
78 | | unsigned char *OPENSSL_utf82uni(const char *asc, int asclen, |
79 | | unsigned char **uni, int *unilen) |
80 | 0 | { |
81 | 0 | int ulen, i, j; |
82 | 0 | unsigned char *unitmp, *ret; |
83 | 0 | uint32_t utf32chr = 0; |
84 | |
|
85 | 0 | if (asclen == -1) |
86 | 0 | asclen = (int)strlen(asc); |
87 | |
|
88 | 0 | for (ulen = 0, i = 0; i < asclen; i += j) { |
89 | 0 | j = ossl_utf8_getc_internal((const unsigned char *)asc + i, asclen - i, |
90 | 0 | &utf32chr); |
91 | | |
92 | | /* |
93 | | * Following condition is somewhat opportunistic is sense that |
94 | | * decoding failure is used as *indirect* indication that input |
95 | | * string might in fact be extended ASCII/ANSI/ISO-8859-X. The |
96 | | * fallback is taken in hope that it would allow to process |
97 | | * files created with previous OpenSSL version, which used the |
98 | | * naive OPENSSL_asc2uni all along. It might be worth noting |
99 | | * that probability of false positive depends on language. In |
100 | | * cases covered by ISO Latin 1 probability is very low, because |
101 | | * any printable non-ASCII alphabet letter followed by another |
102 | | * or any ASCII character will trigger failure and fallback. |
103 | | * In other cases situation can be intensified by the fact that |
104 | | * English letters are not part of alternative keyboard layout, |
105 | | * but even then there should be plenty of pairs that trigger |
106 | | * decoding failure... |
107 | | */ |
108 | 0 | if (j < 0) |
109 | 0 | return OPENSSL_asc2uni(asc, asclen, uni, unilen); |
110 | | |
111 | 0 | if (utf32chr > 0x10FFFF) /* UTF-16 cap */ |
112 | 0 | return NULL; |
113 | | |
114 | 0 | if (utf32chr >= 0x10000) /* pair of UTF-16 characters */ |
115 | 0 | ulen += 2 * 2; |
116 | 0 | else /* or just one */ |
117 | 0 | ulen += 2; |
118 | 0 | } |
119 | | |
120 | 0 | ulen += 2; /* for trailing UTF16 zero */ |
121 | |
|
122 | 0 | if ((ret = OPENSSL_malloc(ulen)) == NULL) |
123 | 0 | return NULL; |
124 | | /* re-run the loop writing down UTF-16 characters in big-endian order */ |
125 | 0 | for (unitmp = ret, i = 0; i < asclen; i += j) { |
126 | 0 | j = ossl_utf8_getc_internal((const unsigned char *)asc + i, asclen - i, |
127 | 0 | &utf32chr); |
128 | 0 | if (utf32chr >= 0x10000) { /* pair if UTF-16 characters */ |
129 | 0 | unsigned int hi, lo; |
130 | |
|
131 | 0 | utf32chr -= 0x10000; |
132 | 0 | hi = 0xD800 + (utf32chr >> 10); |
133 | 0 | lo = 0xDC00 + (utf32chr & 0x3ff); |
134 | 0 | *unitmp++ = (unsigned char)(hi >> 8); |
135 | 0 | *unitmp++ = (unsigned char)(hi); |
136 | 0 | *unitmp++ = (unsigned char)(lo >> 8); |
137 | 0 | *unitmp++ = (unsigned char)(lo); |
138 | 0 | } else { /* or just one */ |
139 | 0 | *unitmp++ = (unsigned char)(utf32chr >> 8); |
140 | 0 | *unitmp++ = (unsigned char)(utf32chr); |
141 | 0 | } |
142 | 0 | } |
143 | | /* Make result double null terminated */ |
144 | 0 | *unitmp++ = 0; |
145 | 0 | *unitmp++ = 0; |
146 | 0 | if (unilen) |
147 | 0 | *unilen = ulen; |
148 | 0 | if (uni) |
149 | 0 | *uni = ret; |
150 | 0 | return ret; |
151 | 0 | } |
152 | | |
153 | | static int bmp_to_utf8(char *str, const unsigned char *utf16, int len) |
154 | 0 | { |
155 | 0 | uint32_t utf32chr; |
156 | |
|
157 | 0 | if (len == 0) |
158 | 0 | return 0; |
159 | | |
160 | 0 | if (len < 2) |
161 | 0 | return -1; |
162 | | |
163 | | /* pull UTF-16 character in big-endian order */ |
164 | 0 | utf32chr = (utf16[0] << 8) | utf16[1]; |
165 | |
|
166 | 0 | if (utf32chr >= 0xD800 && utf32chr < 0xE000) { /* two chars */ |
167 | 0 | unsigned int lo; |
168 | |
|
169 | 0 | if (len < 4) |
170 | 0 | return -1; |
171 | | |
172 | 0 | utf32chr -= 0xD800; |
173 | 0 | utf32chr <<= 10; |
174 | 0 | lo = (utf16[2] << 8) | utf16[3]; |
175 | 0 | if (lo < 0xDC00 || lo >= 0xE000) |
176 | 0 | return -1; |
177 | 0 | utf32chr |= lo - 0xDC00; |
178 | 0 | utf32chr += 0x10000; |
179 | 0 | } |
180 | | |
181 | 0 | return ossl_utf8_putc_internal((unsigned char *)str, 4, utf32chr); |
182 | 0 | } |
183 | | char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen) |
184 | 0 | { |
185 | 0 | int asclen, i, j; |
186 | 0 | char *asctmp; |
187 | | |
188 | | /* string must contain an even number of bytes */ |
189 | 0 | if (unilen & 1) |
190 | 0 | return NULL; |
191 | | |
192 | 0 | for (asclen = 0, i = 0; i < unilen;) { |
193 | 0 | j = bmp_to_utf8(NULL, uni + i, unilen - i); |
194 | | /* |
195 | | * falling back to OPENSSL_uni2asc makes lesser sense [than |
196 | | * falling back to OPENSSL_asc2uni in OPENSSL_utf82uni above], |
197 | | * it's done rather to maintain symmetry... |
198 | | */ |
199 | 0 | if (j < 0) |
200 | 0 | return OPENSSL_uni2asc(uni, unilen); |
201 | 0 | if (j == 4) |
202 | 0 | i += 4; |
203 | 0 | else |
204 | 0 | i += 2; |
205 | 0 | asclen += j; |
206 | 0 | } |
207 | | |
208 | | /* If no terminating zero allow for one */ |
209 | 0 | if (!unilen || (uni[unilen - 2] || uni[unilen - 1])) |
210 | 0 | asclen++; |
211 | |
|
212 | 0 | if ((asctmp = OPENSSL_malloc(asclen)) == NULL) |
213 | 0 | return NULL; |
214 | | |
215 | | /* re-run the loop emitting UTF-8 string */ |
216 | 0 | for (asclen = 0, i = 0; i < unilen;) { |
217 | 0 | j = bmp_to_utf8(asctmp + asclen, uni + i, unilen - i); |
218 | | /* when UTF8_putc fails */ |
219 | 0 | if (j < 0) { |
220 | 0 | OPENSSL_free(asctmp); |
221 | 0 | return NULL; |
222 | 0 | } |
223 | 0 | if (j == 4) |
224 | 0 | i += 4; |
225 | 0 | else |
226 | 0 | i += 2; |
227 | 0 | asclen += j; |
228 | 0 | } |
229 | | |
230 | | /* If no terminating zero write one */ |
231 | 0 | if (!unilen || (uni[unilen - 2] || uni[unilen - 1])) |
232 | 0 | asctmp[asclen] = '\0'; |
233 | |
|
234 | 0 | return asctmp; |
235 | 0 | } |
236 | | |
237 | | int i2d_PKCS12_bio(BIO *bp, const PKCS12 *p12) |
238 | 0 | { |
239 | 0 | return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12); |
240 | 0 | } |
241 | | |
242 | | #ifndef OPENSSL_NO_STDIO |
243 | | int i2d_PKCS12_fp(FILE *fp, const PKCS12 *p12) |
244 | 0 | { |
245 | 0 | return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12); |
246 | 0 | } |
247 | | #endif |
248 | | |
249 | | PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12) |
250 | 0 | { |
251 | 0 | OSSL_LIB_CTX *libctx = NULL; |
252 | 0 | const char *propq = NULL; |
253 | 0 | const PKCS7_CTX *p7ctx = NULL; |
254 | |
|
255 | 0 | if (p12 != NULL) { |
256 | 0 | p7ctx = ossl_pkcs12_get0_pkcs7ctx(*p12); |
257 | 0 | if (p7ctx != NULL) { |
258 | 0 | libctx = ossl_pkcs7_ctx_get0_libctx(p7ctx); |
259 | 0 | propq = ossl_pkcs7_ctx_get0_propq(p7ctx); |
260 | 0 | } |
261 | 0 | } |
262 | 0 | return ASN1_item_d2i_bio_ex(ASN1_ITEM_rptr(PKCS12), bp, p12, libctx, propq); |
263 | 0 | } |
264 | | |
265 | | #ifndef OPENSSL_NO_STDIO |
266 | | PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12) |
267 | 0 | { |
268 | 0 | OSSL_LIB_CTX *libctx = NULL; |
269 | 0 | const char *propq = NULL; |
270 | 0 | const PKCS7_CTX *p7ctx = NULL; |
271 | |
|
272 | 0 | if (p12 != NULL) { |
273 | 0 | p7ctx = ossl_pkcs12_get0_pkcs7ctx(*p12); |
274 | 0 | if (p7ctx != NULL) { |
275 | 0 | libctx = ossl_pkcs7_ctx_get0_libctx(p7ctx); |
276 | 0 | propq = ossl_pkcs7_ctx_get0_propq(p7ctx); |
277 | 0 | } |
278 | 0 | } |
279 | 0 | return ASN1_item_d2i_fp_ex(ASN1_ITEM_rptr(PKCS12), fp, p12, libctx, propq); |
280 | 0 | } |
281 | | #endif |