X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=crypto%2Fx509%2Fx_name.c;h=d36a9d37c16b970af1e9136552e1fb7cc4bd45bf;hb=180794c54e98ae467c4ebced3737e1ede03e320a;hp=9133e3cb824c4420a9f6d08bd1c83eacd88a396b;hpb=7ab507495b86371756575d606af556b4fd74e27a;p=openssl.git diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c index 9133e3cb82..d36a9d37c1 100644 --- a/crypto/x509/x_name.c +++ b/crypto/x509/x_name.c @@ -1,62 +1,14 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include -#include +#include "internal/ctype.h" #include "internal/cryptlib.h" #include #include @@ -64,6 +16,13 @@ #include "internal/asn1_int.h" #include "x509_lcl.h" +/* + * Maximum length of X509_NAME: much larger than anything we should + * ever see in practice. + */ + +#define X509_NAME_MAX (1024 * 1024) + static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, @@ -76,7 +35,7 @@ static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it); static int x509_name_encode(X509_NAME *a); static int x509_name_canon(X509_NAME *a); -static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in); +static int asn1_string_canon(ASN1_STRING *out, const ASN1_STRING *in); static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname, unsigned char **in); @@ -166,6 +125,16 @@ static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) *pval = NULL; } +static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne) +{ + sk_X509_NAME_ENTRY_free(ne); +} + +static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne) +{ + sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free); +} + static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, @@ -187,6 +156,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, int i, j, ret; STACK_OF(X509_NAME_ENTRY) *entries; X509_NAME_ENTRY *entry; + if (len > X509_NAME_MAX) + len = X509_NAME_MAX; q = p; /* Get internal representation of Name */ @@ -214,19 +185,24 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, entry->set = i; if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry)) goto err; + sk_X509_NAME_ENTRY_set(entries, j, NULL); } - sk_X509_NAME_ENTRY_free(entries); } - sk_STACK_OF_X509_NAME_ENTRY_free(intname.s); ret = x509_name_canon(nm.x); if (!ret) goto err; + sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, + local_sk_X509_NAME_ENTRY_free); nm.x->modified = 0; *val = nm.a; *in = p; return ret; + err: - X509_NAME_free(nm.x); + if (nm.x != NULL) + X509_NAME_free(nm.x); + sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, + local_sk_X509_NAME_ENTRY_pop_free); ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; } @@ -252,16 +228,6 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, return ret; } -static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne) -{ - sk_X509_NAME_ENTRY_free(ne); -} - -static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne) -{ - sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free); -} - static int x509_name_encode(X509_NAME *a) { union { @@ -284,8 +250,10 @@ static int x509_name_encode(X509_NAME *a) entries = sk_X509_NAME_ENTRY_new_null(); if (!entries) goto memerr; - if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) + if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) { + sk_X509_NAME_ENTRY_free(entries); goto memerr; + } set = entry->set; } if (!sk_X509_NAME_ENTRY_push(entries, entry)) @@ -313,7 +281,7 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent, const char *fname, const ASN1_PCTX *pctx) { - if (X509_NAME_print_ex(out, (X509_NAME *)*pval, + if (X509_NAME_print_ex(out, (const X509_NAME *)*pval, indent, pctx->nm_flags) <= 0) return 0; return 2; @@ -324,7 +292,7 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, * it all strings are converted to UTF8, leading, trailing and multiple * spaces collapsed, converted to lower case and the leading SEQUENCE header * removed. In future we could also normalize the UTF8 too. By doing this - * comparison of Name structures can be rapidly perfomed by just using + * comparison of Name structures can be rapidly performed by just using * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name * constraints of type dirName can also be checked with a simple memcmp(). */ @@ -335,7 +303,7 @@ static int x509_name_canon(X509_NAME *a) STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL; STACK_OF(X509_NAME_ENTRY) *entries = NULL; X509_NAME_ENTRY *entry, *tmpentry = NULL; - int i, set = -1, ret = 0; + int i, set = -1, ret = 0, len; OPENSSL_free(a->canon_enc); a->canon_enc = NULL; @@ -353,14 +321,18 @@ static int x509_name_canon(X509_NAME *a) entries = sk_X509_NAME_ENTRY_new_null(); if (!entries) goto err; - if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) + if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) { + sk_X509_NAME_ENTRY_free(entries); goto err; + } set = entry->set; } tmpentry = X509_NAME_ENTRY_new(); if (tmpentry == NULL) goto err; tmpentry->object = OBJ_dup(entry->object); + if (tmpentry->object == NULL) + goto err; if (!asn1_string_canon(tmpentry->value, entry->value)) goto err; if (!sk_X509_NAME_ENTRY_push(entries, tmpentry)) @@ -370,7 +342,10 @@ static int x509_name_canon(X509_NAME *a) /* Finally generate encoding */ - a->canon_enclen = i2d_name_canon(intname, NULL); + len = i2d_name_canon(intname, NULL); + if (len < 0) + goto err; + a->canon_enclen = len; p = OPENSSL_malloc(a->canon_enclen); @@ -398,7 +373,7 @@ static int x509_name_canon(X509_NAME *a) | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \ | B_ASN1_VISIBLESTRING) -static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) +static int asn1_string_canon(ASN1_STRING *out, const ASN1_STRING *in) { unsigned char *to, *from; int len, i; @@ -423,19 +398,20 @@ static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) /* * Convert string in place to canonical form. Ultimately we may need to * handle a wider range of characters but for now ignore anything with - * MSB set and rely on the isspace() and tolower() functions. + * MSB set and rely on the ossl_isspace() to fail on bad characters without + * needing isascii or range checks as well. */ /* Ignore leading spaces */ - while ((len > 0) && !(*from & 0x80) && isspace(*from)) { + while (len > 0 && ossl_isspace(*from)) { from++; len--; } - to = from + len - 1; + to = from + len; /* Ignore trailing spaces */ - while ((len > 0) && !(*to & 0x80) && isspace(*to)) { + while (len > 0 && ossl_isspace(to[-1])) { to--; len--; } @@ -444,13 +420,13 @@ static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) i = 0; while (i < len) { - /* If MSB set just copy across */ - if (*from & 0x80) { + /* If not ASCII set just copy across */ + if (!ossl_isascii(*from)) { *to++ = *from++; i++; } /* Collapse multiple spaces */ - else if (isspace(*from)) { + else if (ossl_isspace(*from)) { /* Copy one space across */ *to++ = ' '; /* @@ -462,9 +438,9 @@ static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) from++; i++; } - while (!(*from & 0x80) && isspace(*from)); + while (ossl_isspace(*from)); } else { - *to++ = tolower(*from); + *to++ = ossl_tolower(*from); from++; i++; } @@ -497,22 +473,14 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname, int X509_NAME_set(X509_NAME **xn, X509_NAME *name) { - X509_NAME *in; - - if (!xn || !name) - return (0); - - if (*xn != name) { - in = X509_NAME_dup(name); - if (in != NULL) { - X509_NAME_free(*xn); - *xn = in; - } - } - return (*xn != NULL); + if ((name = X509_NAME_dup(name)) == NULL) + return 0; + X509_NAME_free(*xn); + *xn = name; + return 1; } -int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) +int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase) { char *s, *c, *b; int l, i; @@ -530,19 +498,10 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) c = s; for (;;) { -#ifndef CHARSET_EBCDIC - if (((*s == '/') && - ((s[1] >= 'A') && (s[1] <= 'Z') && ((s[2] == '=') || - ((s[2] >= 'A') - && (s[2] <= 'Z') - && (s[3] == '=')) - ))) || (*s == '\0')) -#else if (((*s == '/') && - (isupper(s[1]) && ((s[2] == '=') || - (isupper(s[2]) && (s[3] == '=')) + (ossl_isupper(s[1]) && ((s[2] == '=') || + (ossl_isupper(s[2]) && (s[3] == '=')) ))) || (*s == '\0')) -#endif { i = s - c; if (BIO_write(bp, c, i) != i) @@ -568,8 +527,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) return 0; } -int X509_NAME_get0_der(const unsigned char **pder, size_t *pderlen, - X509_NAME *nm) +int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder, + size_t *pderlen) { /* Make sure encoding is valid */ if (i2d_X509_NAME(nm, NULL) <= 0)