*/
#include <stdio.h>
+#include <limits.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
#include <openssl/objects.h>
+#include <openssl/bn.h>
int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
{
unsigned char *p;
+ int objsize;
if ((a == NULL) || (a->data == NULL)) return(0);
- if (pp == NULL)
- return(ASN1_object_size(0,a->length,V_ASN1_OBJECT));
+ objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT);
+ if (pp == NULL) return objsize;
p= *pp;
ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
p+=a->length;
*pp=p;
- return(a->length);
+ return(objsize);
}
int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
{
- int i,first,len=0,c;
- char tmp[24];
+ int i,first,len=0,c, use_bn;
+ char ftmp[24], *tmp = ftmp;
+ int tmpsize = sizeof ftmp;
const char *p;
unsigned long l;
+ BIGNUM *bl = NULL;
if (num == 0)
return(0);
num--;
if ((c >= '0') && (c <= '2'))
{
- first=(c-'0')*40;
+ first= c-'0';
}
else
{
goto err;
}
l=0;
+ use_bn = 0;
for (;;)
{
if (num <= 0) break;
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
goto err;
}
- l=l*10L+(long)(c-'0');
+ if (!use_bn && l >= ((ULONG_MAX - 80) / 10L))
+ {
+ use_bn = 1;
+ if (!bl)
+ bl = BN_new();
+ if (!bl || !BN_set_word(bl, l))
+ goto err;
+ }
+ if (use_bn)
+ {
+ if (!BN_mul_word(bl, 10L)
+ || !BN_add_word(bl, c-'0'))
+ goto err;
+ }
+ else
+ l=l*10L+(long)(c-'0');
}
if (len == 0)
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
goto err;
}
- l+=(long)first;
+ if (use_bn)
+ {
+ if (!BN_add_word(bl, first * 40))
+ goto err;
+ }
+ else
+ l+=(long)first*40;
}
i=0;
- for (;;)
+ if (use_bn)
{
- tmp[i++]=(unsigned char)l&0x7f;
- l>>=7L;
- if (l == 0L) break;
+ int blsize;
+ blsize = BN_num_bits(bl);
+ blsize = (blsize + 6)/7;
+ if (blsize > tmpsize)
+ {
+ if (tmp != ftmp)
+ OPENSSL_free(tmp);
+ tmpsize = blsize + 32;
+ tmp = OPENSSL_malloc(tmpsize);
+ if (!tmp)
+ goto err;
+ }
+ while(blsize--)
+ tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
+ }
+ else
+ {
+
+ for (;;)
+ {
+ tmp[i++]=(unsigned char)l&0x7f;
+ l>>=7L;
+ if (l == 0L) break;
+ }
+
}
if (out != NULL)
{
else
len+=i;
}
+ if (tmp != ftmp)
+ OPENSSL_free(tmp);
+ if (bl)
+ BN_free(bl);
return(len);
err:
+ if (tmp != ftmp)
+ OPENSSL_free(tmp);
+ if (bl)
+ BN_free(bl);
return(0);
}
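Review bot: The result of `BN_div_word(bl, 0x80L)` in the `while(blsize--)` loop is stored without an error check, although every other BN call added to a2d_ASN1_OBJECT branches to `err` on failure. BN_div_word returns `(BN_ULONG)-1` on error, which the cast turns into 0xff and stores in `tmp` as if it were a base-128 digit, so a failed division would produce a wrong encoding instead of a 0 return. Consider `BN_ULONG t = BN_div_word(bl, 0x80L); if (t == (BN_ULONG)-1) goto err; tmp[i++] = (unsigned char)t;`. A one-line comment on the `(ULONG_MAX - 80) / 10L` threshold would also help; the 80 appears to reserve headroom for the later `first*40` addition, but the code does not say so.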
int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
- {
- int i,idx=0,n=0,len,nid;
- unsigned long l;
- unsigned char *p;
- const char *s;
- char tbuf[32];
-
- if (buf_len <= 0) return(0);
-
- if ((a == NULL) || (a->data == NULL))
- {
- buf[0]='\0';
- return(0);
- }
-
- nid=OBJ_obj2nid(a);
- if (nid == NID_undef)
- {
- len=a->length;
- p=a->data;
-
- idx=0;
- l=0;
- while (idx < a->length)
- {
- l|=(p[idx]&0x7f);
- if (!(p[idx] & 0x80)) break;
- l<<=7L;
- idx++;
- }
- idx++;
- i=(int)(l/40);
- if (i > 2) i=2;
- l-=(long)(i*40);
-
- sprintf(tbuf,"%d.%lu",i,l);
- i=strlen(tbuf);
- strncpy(buf,tbuf,buf_len);
- buf_len-=i;
- buf+=i;
- n+=i;
-
- l=0;
- for (; idx<len; idx++)
- {
- l|=p[idx]&0x7f;
- if (!(p[idx] & 0x80))
- {
- sprintf(tbuf,".%lu",l);
- i=strlen(tbuf);
- if (buf_len > 0)
- strncpy(buf,tbuf,buf_len);
- buf_len-=i;
- buf+=i;
- n+=i;
- l=0;
- }
- l<<=7L;
- }
- }
- else
- {
- s=OBJ_nid2ln(nid);
- if (s == NULL)
- s=OBJ_nid2sn(nid);
- strncpy(buf,s,buf_len);
- n=strlen(s);
- }
- buf[buf_len-1]='\0';
- return(n);
- }
+{
+ return OBJ_obj2txt(buf, buf_len, a, 0);
+}
int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
{
- char buf[80];
+ char buf[80], *p = buf;
int i;
if ((a == NULL) || (a->data == NULL))
return(BIO_write(bp,"NULL",4));
- i=i2t_ASN1_OBJECT(buf,80,a);
- if (i > 80) i=80;
- BIO_write(bp,buf,i);
+ i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
+ if (i > (int)(sizeof(buf) - 1))
+ {
+ p = OPENSSL_malloc(i + 1);
+ if (!p)
+ return -1;
+ i2t_ASN1_OBJECT(p,i + 1,a);
+ }
+ if (i <= 0)
+ return BIO_write(bp, "<INVALID>", 9);
+ BIO_write(bp,p,i);
+ if (p != buf)
+ OPENSSL_free(p);
return(i);
}
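Review bot: In i2a_ASN1_OBJECT the results of the second `i2t_ASN1_OBJECT(p,i + 1,a)` call and of `BIO_write(bp,p,i)` are discarded, so the function returns `i` even when the BIO failed or accepted fewer bytes. A caller that treats the return value as bytes written cannot detect the write error. Capture the result instead, e.g. `ret = BIO_write(bp,p,i);`, then free `p` and return `ret`. The allocation size `i + 1` is also computed from a length derived from the object's content, so a guard such as `if (i > INT_MAX - 1) return -1;` before `OPENSSL_malloc` would keep that arithmetic defined; `<limits.h>` is already included by this change.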
-ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
+ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
long length)
- {
- ASN1_OBJECT *ret=NULL;
- unsigned char *p;
+{
+ const unsigned char *p;
long len;
int tag,xclass;
int inf,i;
-
- /* only the ASN1_OBJECTs from the 'table' will have values
- * for ->sn or ->ln */
- if ((a == NULL) || ((*a) == NULL) ||
- !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
- {
- if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
- }
- else ret=(*a);
-
+ ASN1_OBJECT *ret = NULL;
p= *pp;
-
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_EXPECTING_AN_OBJECT;
goto err;
}
- if ((ret->data == NULL) || (ret->length < len))
+ ret = c2i_ASN1_OBJECT(a, &p, len);
+ if(ret) *pp = p;
+ return ret;
+err:
+ ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
+ return(NULL);
+}
+ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+ long len)
+ {
+ ASN1_OBJECT *ret=NULL;
+ const unsigned char *p;
+ unsigned char *data;
+ int i;
+ /* Sanity check OID encoding: can't have leading 0x80 in
+ * subidentifiers, see: X.690 8.19.2
+ */
+ for (i = 0, p = *pp; i < len; i++, p++)
{
- if (ret->data != NULL) Free((char *)ret->data);
- ret->data=(unsigned char *)Malloc((int)len);
- ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- if (ret->data == NULL)
+ if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
+ {
+ ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
+ return NULL;
+ }
+ }
+
+ /* only the ASN1_OBJECTs from the 'table' will have values
+ * for ->sn or ->ln */
+ if ((a == NULL) || ((*a) == NULL) ||
+ !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+ {
+ if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
+ }
+ else ret=(*a);
+
+ p= *pp;
+ /* detach data from object */
+ data = (unsigned char *)ret->data;
+ ret->data = NULL;
+ /* once detached we can change it */
+ if ((data == NULL) || (ret->length < len))
+ {
+ ret->length=0;
+ if (data != NULL) OPENSSL_free(data);
+ data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
+ if (data == NULL)
{ i=ERR_R_MALLOC_FAILURE; goto err; }
+ ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
- memcpy(ret->data,p,(int)len);
+ memcpy(data,p,(int)len);
+ /* reattach data to object, after which it remains const */
+ ret->data =data;
ret->length=(int)len;
ret->sn=NULL;
ret->ln=NULL;
*pp=p;
return(ret);
err:
- ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
+ ASN1err(ASN1_F_C2I_ASN1_OBJECT,i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_OBJECT_free(ret);
return(NULL);
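Review bot: c2i_ASN1_OBJECT uses `len` without range-checking it: the sanity loop compares an `int` counter against a `long`, and `len` is later cast to `int` for both `OPENSSL_malloc` and `memcpy`. A negative length skips the loop entirely, and a length above INT_MAX overflows `i` and truncates the copy size, so the buffer size and the bytes copied can disagree with what the caller passed. The loop also accepts content whose final byte still has bit 0x80 set, i.e. an unterminated last subidentifier, which code that later walks `data` by continuation bit may read past. A guard at the top would cover both cases: `if (len <= 0 || len > INT_MAX || pp == NULL || *pp == NULL || ((*pp)[len - 1] & 0x80)) { ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); return NULL; }`. Rejecting `len == 0` would change the current `len ? (int)len : 1` behaviour, so confirm that no caller depends on empty OIDs.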
{
ASN1_OBJECT *ret;
- ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT));
+ ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
if (ret == NULL)
{
ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
if (a == NULL) return;
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
{
-#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause mempory leaks */
- if (a->sn != NULL) Free((void *)a->sn);
- if (a->ln != NULL) Free((void *)a->ln);
+#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
+ if (a->sn != NULL) OPENSSL_free((void *)a->sn);
+ if (a->ln != NULL) OPENSSL_free((void *)a->ln);
#endif
a->sn=a->ln=NULL;
}
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
{
- if (a->data != NULL) Free(a->data);
+ if (a->data != NULL) OPENSSL_free((void *)a->data);
a->data=NULL;
a->length=0;
}
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
- Free(a);
+ OPENSSL_free(a);
}
ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
- char *sn, char *ln)
+ const char *sn, const char *ln)
{
ASN1_OBJECT o;