2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/objects.h>
13 #include <openssl/x509.h>
14 #include <openssl/buffer.h>
15 #include "crypto/x509.h"
16 #include "crypto/ctype.h"
19 * Limit to ensure we don't overflow: much greater than
20 * anything encountered in practice.
23 #define NAME_ONELINE_MAX (1024 * 1024)
25 char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len)
27 const X509_NAME_ENTRY *ne;
29 int n, lold, l, l1, l2, num, j, type;
35 static const char hex[17] = "0123456789ABCDEF";
39 unsigned char ebcdic_buf[1024];
43 if ((b = BUF_MEM_new()) == NULL)
45 if (!BUF_MEM_grow(b, 200))
49 } else if (len == 0) {
57 strncpy(buf, "NO X509_NAME", len);
62 len--; /* space for '\0' */
64 for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
65 ne = sk_X509_NAME_ENTRY_value(a->entries, i);
66 n = OBJ_obj2nid(ne->object);
67 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
68 i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
73 type = ne->value->type;
74 num = ne->value->length;
75 if (num > NAME_ONELINE_MAX) {
76 X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
81 if (type == V_ASN1_GENERALSTRING ||
82 type == V_ASN1_VISIBLESTRING ||
83 type == V_ASN1_PRINTABLESTRING ||
84 type == V_ASN1_TELETEXSTRING ||
85 type == V_ASN1_IA5STRING) {
86 if (num > (int)sizeof(ebcdic_buf))
87 num = sizeof(ebcdic_buf);
88 ascii2ebcdic(ebcdic_buf, q, num);
93 if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
94 gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
95 for (j = 0; j < num; j++)
99 if (gs_doit[0] | gs_doit[1] | gs_doit[2])
100 gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
102 gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
106 gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
108 for (l2 = j = 0; j < num; j++) {
112 if (q[j] == '/' || q[j] == '+')
113 l2++; /* char needs to be escaped */
114 else if ((ossl_toascii(q[j]) < ossl_toascii(' ')) ||
115 (ossl_toascii(q[j]) > ossl_toascii('~')))
120 l += 1 + l1 + 1 + l2;
121 if (l > NAME_ONELINE_MAX) {
122 X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
126 if (!BUF_MEM_grow(b, l + 1))
128 p = &(b->data[lold]);
129 } else if (l > len) {
133 *(p++) = prev_set == ne->set ? '+' : '/';
134 memcpy(p, s, (unsigned int)l1);
138 #ifndef CHARSET_EBCDIC /* q was assigned above already. */
142 for (j = 0; j < num; j++) {
145 #ifndef CHARSET_EBCDIC
147 if ((n < ' ') || (n > '~')) {
150 *(p++) = hex[(n >> 4) & 0x0f];
151 *(p++) = hex[n & 0x0f];
153 if (n == '/' || n == '+')
158 n = os_toascii[q[j]];
159 if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
162 *(p++) = hex[(n >> 4) & 0x0f];
163 *(p++) = hex[n & 0x0f];
165 if (n == os_toascii['/'] || n == os_toascii['+'])
183 X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);