VirtualBox

source: vbox/trunk/src/libs/openssl-1.1.0g/crypto/asn1/a_strnid.c@ 69890

Last change on this file since 69890 was 69890, checked in by vboxsync, 7 years ago

Added OpenSSL 1.1.0g with unneeded files removed, otherwise unmodified.
bugref:8070: src/libs maintenance
  • Property svn:eol-style set to native
File size: 8.6 KB
Line 
1/*
2 * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include <ctype.h>
12#include "internal/cryptlib.h"
13#include <openssl/asn1.h>
14#include <openssl/objects.h>
15
16static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
17static void st_free(ASN1_STRING_TABLE *tbl);
18static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
19 const ASN1_STRING_TABLE *const *b);
20
21/*
22 * This is the global mask for the mbstring functions: this is use to mask
23 * out certain types (such as BMPString and UTF8String) because certain
24 * software (e.g. Netscape) has problems with them.
25 */
26
27static unsigned long global_mask = B_ASN1_UTF8STRING;
28
29void ASN1_STRING_set_default_mask(unsigned long mask)
30{
31 global_mask = mask;
32}
33
34unsigned long ASN1_STRING_get_default_mask(void)
35{
36 return global_mask;
37}
38
39/*-
40 * This function sets the default to various "flavours" of configuration.
41 * based on an ASCII string. Currently this is:
42 * MASK:XXXX : a numerical mask value.
43 * nobmp : Don't use BMPStrings (just Printable, T61).
44 * pkix : PKIX recommendation in RFC2459.
45 * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004).
46 * default: the default value, Printable, T61, BMP.
47 */
48
49int ASN1_STRING_set_default_mask_asc(const char *p)
50{
51 unsigned long mask;
52 char *end;
53 if (strncmp(p, "MASK:", 5) == 0) {
54 if (!p[5])
55 return 0;
56 mask = strtoul(p + 5, &end, 0);
57 if (*end)
58 return 0;
59 } else if (strcmp(p, "nombstr") == 0)
60 mask = ~((unsigned long)(B_ASN1_BMPSTRING | B_ASN1_UTF8STRING));
61 else if (strcmp(p, "pkix") == 0)
62 mask = ~((unsigned long)B_ASN1_T61STRING);
63 else if (strcmp(p, "utf8only") == 0)
64 mask = B_ASN1_UTF8STRING;
65 else if (strcmp(p, "default") == 0)
66 mask = 0xFFFFFFFFL;
67 else
68 return 0;
69 ASN1_STRING_set_default_mask(mask);
70 return 1;
71}
72
73/*
74 * The following function generates an ASN1_STRING based on limits in a
75 * table. Frequently the types and length of an ASN1_STRING are restricted by
76 * a corresponding OID. For example certificates and certificate requests.
77 */
78
79ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
80 const unsigned char *in, int inlen,
81 int inform, int nid)
82{
83 ASN1_STRING_TABLE *tbl;
84 ASN1_STRING *str = NULL;
85 unsigned long mask;
86 int ret;
87 if (!out)
88 out = &str;
89 tbl = ASN1_STRING_TABLE_get(nid);
90 if (tbl) {
91 mask = tbl->mask;
92 if (!(tbl->flags & STABLE_NO_MASK))
93 mask &= global_mask;
94 ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
95 tbl->minsize, tbl->maxsize);
96 } else
97 ret =
98 ASN1_mbstring_copy(out, in, inlen, inform,
99 DIRSTRING_TYPE & global_mask);
100 if (ret <= 0)
101 return NULL;
102 return *out;
103}
104
105/*
106 * Now the tables and helper functions for the string table:
107 */
108
109/* size limits: this stuff is taken straight from RFC3280 */
110
111#define ub_name 32768
112#define ub_common_name 64
113#define ub_locality_name 128
114#define ub_state_name 128
115#define ub_organization_name 64
116#define ub_organization_unit_name 64
117#define ub_title 64
118#define ub_email_address 128
119#define ub_serial_number 64
120
121/* From RFC4524 */
122
123#define ub_rfc822_mailbox 256
124
125/* This table must be kept in NID order */
126
127static const ASN1_STRING_TABLE tbl_standard[] = {
128 {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},
129 {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
130 {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},
131 {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0},
132 {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
133 {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE,
134 0},
135 {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING,
136 STABLE_NO_MASK},
137 {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
138 {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
139 {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
140 {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
141 {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
142 {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
143 {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING,
144 STABLE_NO_MASK},
145 {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
146 {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
147 {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
148 {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
149 {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
150 {NID_rfc822Mailbox, 1, ub_rfc822_mailbox, B_ASN1_IA5STRING,
151 STABLE_NO_MASK},
152 {NID_jurisdictionCountryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
153 {NID_INN, 1, 12, B_ASN1_NUMERICSTRING, STABLE_NO_MASK},
154 {NID_OGRN, 1, 13, B_ASN1_NUMERICSTRING, STABLE_NO_MASK},
155 {NID_SNILS, 1, 11, B_ASN1_NUMERICSTRING, STABLE_NO_MASK}
156};
157
158static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
159 const ASN1_STRING_TABLE *const *b)
160{
161 return (*a)->nid - (*b)->nid;
162}
163
164DECLARE_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
165
166static int table_cmp(const ASN1_STRING_TABLE *a, const ASN1_STRING_TABLE *b)
167{
168 return a->nid - b->nid;
169}
170
171IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
172
173ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
174{
175 int idx;
176 ASN1_STRING_TABLE fnd;
177 fnd.nid = nid;
178 if (stable) {
179 idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
180 if (idx >= 0)
181 return sk_ASN1_STRING_TABLE_value(stable, idx);
182 }
183 return OBJ_bsearch_table(&fnd, tbl_standard, OSSL_NELEM(tbl_standard));
184}
185
186/*
187 * Return a string table pointer which can be modified: either directly from
188 * table or a copy of an internal value added to the table.
189 */
190
191static ASN1_STRING_TABLE *stable_get(int nid)
192{
193 ASN1_STRING_TABLE *tmp, *rv;
194 /* Always need a string table so allocate one if NULL */
195 if (stable == NULL) {
196 stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp);
197 if (stable == NULL)
198 return NULL;
199 }
200 tmp = ASN1_STRING_TABLE_get(nid);
201 if (tmp && tmp->flags & STABLE_FLAGS_MALLOC)
202 return tmp;
203 rv = OPENSSL_zalloc(sizeof(*rv));
204 if (rv == NULL)
205 return NULL;
206 if (!sk_ASN1_STRING_TABLE_push(stable, rv)) {
207 OPENSSL_free(rv);
208 return NULL;
209 }
210 if (tmp) {
211 rv->nid = tmp->nid;
212 rv->minsize = tmp->minsize;
213 rv->maxsize = tmp->maxsize;
214 rv->mask = tmp->mask;
215 rv->flags = tmp->flags | STABLE_FLAGS_MALLOC;
216 } else {
217 rv->nid = nid;
218 rv->minsize = -1;
219 rv->maxsize = -1;
220 rv->flags = STABLE_FLAGS_MALLOC;
221 }
222 return rv;
223}
224
225int ASN1_STRING_TABLE_add(int nid,
226 long minsize, long maxsize, unsigned long mask,
227 unsigned long flags)
228{
229 ASN1_STRING_TABLE *tmp;
230 tmp = stable_get(nid);
231 if (!tmp) {
232 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
233 return 0;
234 }
235 if (minsize >= 0)
236 tmp->minsize = minsize;
237 if (maxsize >= 0)
238 tmp->maxsize = maxsize;
239 if (mask)
240 tmp->mask = mask;
241 if (flags)
242 tmp->flags = STABLE_FLAGS_MALLOC | flags;
243 return 1;
244}
245
246void ASN1_STRING_TABLE_cleanup(void)
247{
248 STACK_OF(ASN1_STRING_TABLE) *tmp;
249 tmp = stable;
250 if (!tmp)
251 return;
252 stable = NULL;
253 sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);
254}
255
256static void st_free(ASN1_STRING_TABLE *tbl)
257{
258 if (tbl->flags & STABLE_FLAGS_MALLOC)
259 OPENSSL_free(tbl);
260}
261
262
263#ifdef STRING_TABLE_TEST
264
265main()
266{
267 ASN1_STRING_TABLE *tmp;
268 int i, last_nid = -1;
269
270 for (tmp = tbl_standard, i = 0; i < OSSL_NELEM(tbl_standard); i++, tmp++) {
271 if (tmp->nid < last_nid) {
272 last_nid = 0;
273 break;
274 }
275 last_nid = tmp->nid;
276 }
277
278 if (last_nid != 0) {
279 printf("Table order OK\n");
280 exit(0);
281 }
282
283 for (tmp = tbl_standard, i = 0; i < OSSL_NELEM(tbl_standard); i++, tmp++)
284 printf("Index %d, NID %d, Name=%s\n", i, tmp->nid,
285 OBJ_nid2ln(tmp->nid));
286
287}
288
289#endif
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette