| /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| * All rights reserved. |
| * |
| * This package is an SSL implementation written |
| * by Eric Young (eay@cryptsoft.com). |
| * The implementation was written so as to conform with Netscapes SSL. |
| * |
| * This library is free for commercial and non-commercial use as long as |
| * the following conditions are aheared to. The following conditions |
| * apply to all code found in this distribution, be it the RC4, RSA, |
| * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
| * included with this distribution is covered by the same copyright terms |
| * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
| * |
| * Copyright remains Eric Young's, and as such any Copyright notices in |
| * the code are not to be removed. |
| * If this package is used in a product, Eric Young should be given attribution |
| * as the author of the parts of the library used. |
| * This can be in the form of a textual message at program startup or |
| * in documentation (online or textual) provided with the package. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions |
| * are met: |
| * 1. Redistributions of source code must retain the copyright |
| * notice, this list of conditions and the following disclaimer. |
| * 2. Redistributions in binary form must reproduce the above copyright |
| * notice, this list of conditions and the following disclaimer in the |
| * documentation and/or other materials provided with the distribution. |
| * 3. All advertising materials mentioning features or use of this software |
| * must display the following acknowledgement: |
| * "This product includes cryptographic software written by |
| * Eric Young (eay@cryptsoft.com)" |
| * The word 'cryptographic' can be left out if the rouines from the library |
| * being used are not cryptographic related :-). |
| * 4. If you include any Windows specific code (or a derivative thereof) from |
| * the apps directory (application code) you must include an acknowledgement: |
| * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
| * |
| * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
| * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
| * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| * SUCH DAMAGE. |
| * |
| * The licence and distribution terms for any publically available version or |
| * derivative of this code cannot be changed. i.e. this code cannot simply be |
| * copied and put under another distribution licence |
| * [including the GNU Public Licence.] */ |
| |
| #include <openssl/asn1.h> |
| |
| #include <stdlib.h> /* For bsearch */ |
| #include <string.h> |
| |
| #include <openssl/err.h> |
| #include <openssl/mem.h> |
| #include <openssl/obj.h> |
| |
| |
| static STACK_OF(ASN1_STRING_TABLE) *stable = NULL; |
| static void st_free(ASN1_STRING_TABLE *tbl); |
| |
| /* This is the global mask for the mbstring functions: this is use to |
| * mask out certain types (such as BMPString and UTF8String) because |
| * certain software (e.g. Netscape) has problems with them. |
| */ |
| |
| static unsigned long global_mask = B_ASN1_UTF8STRING; |
| |
| void ASN1_STRING_set_default_mask(unsigned long mask) |
| { |
| global_mask = mask; |
| } |
| |
| unsigned long ASN1_STRING_get_default_mask(void) |
| { |
| return global_mask; |
| } |
| |
| /* This function sets the default to various "flavours" of configuration. |
| * based on an ASCII string. Currently this is: |
| * MASK:XXXX : a numerical mask value. |
| * nobmp : Don't use BMPStrings (just Printable, T61). |
| * pkix : PKIX recommendation in RFC2459. |
| * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004). |
| * default: the default value, Printable, T61, BMP. |
| */ |
| |
| int ASN1_STRING_set_default_mask_asc(const char *p) |
| { |
| unsigned long mask; |
| char *end; |
| if(!strncmp(p, "MASK:", 5)) { |
| if(!p[5]) return 0; |
| mask = strtoul(p + 5, &end, 0); |
| if(*end) return 0; |
| } else if(!strcmp(p, "nombstr")) |
| mask = ~((unsigned long)(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)); |
| else if(!strcmp(p, "pkix")) |
| mask = ~((unsigned long)B_ASN1_T61STRING); |
| else if(!strcmp(p, "utf8only")) mask = B_ASN1_UTF8STRING; |
| else if(!strcmp(p, "default")) |
| mask = 0xFFFFFFFFL; |
| else return 0; |
| ASN1_STRING_set_default_mask(mask); |
| return 1; |
| } |
| |
| /* The following function generates an ASN1_STRING based on limits in a table. |
| * Frequently the types and length of an ASN1_STRING are restricted by a |
| * corresponding OID. For example certificates and certificate requests. |
| */ |
| |
| ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, |
| int inlen, int inform, int nid) |
| { |
| ASN1_STRING_TABLE *tbl; |
| ASN1_STRING *str = NULL; |
| unsigned long mask; |
| int ret; |
| if(!out) out = &str; |
| tbl = ASN1_STRING_TABLE_get(nid); |
| if(tbl) { |
| mask = tbl->mask; |
| if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; |
| ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask, |
| tbl->minsize, tbl->maxsize); |
| } else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask); |
| if(ret <= 0) return NULL; |
| return *out; |
| } |
| |
| /* Now the tables and helper functions for the string table: |
| */ |
| |
| /* size limits: this stuff is taken straight from RFC3280 */ |
| |
| #define ub_name 32768 |
| #define ub_common_name 64 |
| #define ub_locality_name 128 |
| #define ub_state_name 128 |
| #define ub_organization_name 64 |
| #define ub_organization_unit_name 64 |
| #define ub_title 64 |
| #define ub_email_address 128 |
| #define ub_serial_number 64 |
| |
| |
| /* This table must be kept in NID order */ |
| |
| static const ASN1_STRING_TABLE tbl_standard[] = { |
| {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0}, |
| {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, |
| {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0}, |
| {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0}, |
| {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0}, |
| {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0}, |
| {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK}, |
| {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0}, |
| {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0}, |
| {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0}, |
| {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0}, |
| {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0}, |
| {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0}, |
| {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, |
| {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, |
| {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, |
| {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, |
| {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK}, |
| {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK} |
| }; |
| |
| static int sk_table_cmp(const ASN1_STRING_TABLE **a, |
| const ASN1_STRING_TABLE **b) |
| { |
| return (*a)->nid - (*b)->nid; |
| } |
| |
| static int table_cmp(const void *in_a, const void *in_b) |
| { |
| const ASN1_STRING_TABLE *a = in_a; |
| const ASN1_STRING_TABLE *b = in_b; |
| return a->nid - b->nid; |
| } |
| |
| ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid) |
| { |
| int found; |
| size_t idx; |
| ASN1_STRING_TABLE *ttmp; |
| ASN1_STRING_TABLE fnd; |
| fnd.nid = nid; |
| |
| ttmp = bsearch(&fnd, tbl_standard, sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE), sizeof(ASN1_STRING_TABLE), table_cmp); |
| if(ttmp) return ttmp; |
| if(!stable) return NULL; |
| found = sk_ASN1_STRING_TABLE_find(stable, &idx, &fnd); |
| if (!found) return NULL; |
| return sk_ASN1_STRING_TABLE_value(stable, idx); |
| } |
| |
| int ASN1_STRING_TABLE_add(int nid, |
| long minsize, long maxsize, unsigned long mask, |
| unsigned long flags) |
| { |
| ASN1_STRING_TABLE *tmp; |
| char new_nid = 0; |
| flags &= ~STABLE_FLAGS_MALLOC; |
| if(!stable) stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp); |
| if(!stable) { |
| OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_TABLE_add, ERR_R_MALLOC_FAILURE); |
| return 0; |
| } |
| if(!(tmp = ASN1_STRING_TABLE_get(nid))) { |
| tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); |
| if(!tmp) { |
| OPENSSL_PUT_ERROR(ASN1, ASN1_STRING_TABLE_add, ERR_R_MALLOC_FAILURE); |
| return 0; |
| } |
| tmp->flags = flags | STABLE_FLAGS_MALLOC; |
| tmp->nid = nid; |
| new_nid = 1; |
| } else tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags; |
| if(minsize != -1) tmp->minsize = minsize; |
| if(maxsize != -1) tmp->maxsize = maxsize; |
| tmp->mask = mask; |
| if(new_nid) sk_ASN1_STRING_TABLE_push(stable, tmp); |
| return 1; |
| } |
| |
| void ASN1_STRING_TABLE_cleanup(void) |
| { |
| STACK_OF(ASN1_STRING_TABLE) *tmp; |
| tmp = stable; |
| if(!tmp) return; |
| stable = NULL; |
| sk_ASN1_STRING_TABLE_pop_free(tmp, st_free); |
| } |
| |
| static void st_free(ASN1_STRING_TABLE *tbl) |
| { |
| if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); |
| } |
| |
| |
| #ifdef STRING_TABLE_TEST |
| |
| int |
| main(void) |
| { |
| ASN1_STRING_TABLE *tmp; |
| int i, last_nid = -1; |
| |
| for (tmp = tbl_standard, i = 0; |
| i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) |
| { |
| if (tmp->nid < last_nid) |
| { |
| last_nid = 0; |
| break; |
| } |
| last_nid = tmp->nid; |
| } |
| |
| if (last_nid != 0) |
| { |
| printf("Table order OK\n"); |
| exit(0); |
| } |
| |
| for (tmp = tbl_standard, i = 0; |
| i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) |
| printf("Index %d, NID %d, Name=%s\n", i, tmp->nid, |
| OBJ_nid2ln(tmp->nid)); |
| |
| return 0; |
| } |
| |
| #endif |