1 /*
2 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "crypto/ctype.h"
12 #include "internal/cryptlib.h"
13 #include <openssl/asn1t.h>
14 #include <openssl/x509.h>
15 #include "crypto/x509.h"
16 #include "crypto/asn1.h"
17 #include "x509_local.h"
18
/*
 * Maximum length of X509_NAME: much larger than anything we should
 * ever see in practice.
 *
 * x509_name_ex_d2i() clamps the length it passes to the generic decoder to
 * this value, so a Name that is (or claims to be) larger than 1 MiB fails to
 * decode instead of being parsed and cached in full. This bounds the work
 * and memory an untrusted certificate or CRL can force through this file.
 */

#define X509_NAME_MAX (1024 * 1024)
25
/*
 * Callbacks installed in the ASN1_EXTERN_FUNCS table (x509_name_ff) below,
 * plus the internal helpers they share. All are file-local.
 */
static int x509_name_ex_d2i(ASN1_VALUE **val,
                            const unsigned char **in, long len,
                            const ASN1_ITEM *it,
                            int tag, int aclass, char opt, ASN1_TLC *ctx);

static int x509_name_ex_i2d(const ASN1_VALUE **val, unsigned char **out,
                            const ASN1_ITEM *it, int tag, int aclass);
static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);

/* Rebuild the cached DER (->bytes) from ->entries. */
static int x509_name_encode(X509_NAME *a);
/* Rebuild the canonical encoding (->canon_enc) used for comparisons. */
static int x509_name_canon(X509_NAME *a);
/* Canonicalise one directory string (UTF-8, folded whitespace/case). */
static int asn1_string_canon(ASN1_STRING *out, const ASN1_STRING *in);
/* Encode the RDN sequence without its outer SEQUENCE header. */
static int i2d_name_canon(const STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname,
                          unsigned char **in);

static int x509_name_ex_print(BIO *out, const ASN1_VALUE **pval,
                              int indent,
                              const char *fname, const ASN1_PCTX *pctx);
45
/*
 * One AttributeTypeAndValue: an OID naming the attribute and its value.
 * The value is declared as ASN1_PRINTABLE, which admits several string
 * tags, so ->value->type must be inspected before interpreting the bytes
 * (asn1_string_canon() below does exactly that via ASN1_MASK_CANON).
 */
ASN1_SEQUENCE(X509_NAME_ENTRY) = {
        ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
        ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
} ASN1_SEQUENCE_END(X509_NAME_ENTRY)

IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)
53
54 /*
55 * For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } so
56 * declare two template wrappers for this
57 */
58
/* One RDN: SET OF AttributeTypeAndValue. */
ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
static_ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)

/*
 * The whole Name: SEQUENCE OF RDN. This is the shape used only while
 * encoding/decoding; the X509_NAME struct itself stores a flat entry list.
 */
ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
static_ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
66
67 /*
68 * Normally that's where it would end: we'd have two nested STACK structures
69 * representing the ASN1. Unfortunately X509_NAME uses a completely different
70 * form and caches encodings so we have to process the internal form and
71 * convert to the external form.
72 */
73
/*
 * Hooks that make X509_NAME an "extern" ASN.1 item: the generic template
 * machinery delegates allocation, freeing, decoding, encoding and printing
 * to the functions below instead of walking a template.
 */
static const ASN1_EXTERN_FUNCS x509_name_ff = {
    NULL,
    x509_name_ex_new,
    x509_name_ex_free,
    0,                          /* Default clear behaviour is OK */
    x509_name_ex_d2i,
    x509_name_ex_i2d,
    x509_name_ex_print
};

IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)

/* d2i_X509_NAME / i2d_X509_NAME / X509_NAME_new / X509_NAME_free */
IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)

/* X509_NAME_dup: round-trips through the DER encoding above */
IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
89
/*
 * Allocate an empty X509_NAME for the ASN.1 framework.
 *
 * The new name has an empty entry stack, an empty DER cache and is marked
 * modified so the first i2d regenerates its encoding. Returns 1 and stores
 * the name in *val on success, 0 (with nothing allocated) on failure.
 * The 'it' parameter is unused.
 */
static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
{
    X509_NAME *nm = OPENSSL_zalloc(sizeof(*nm));

    if (nm == NULL)
        return 0;

    nm->entries = sk_X509_NAME_ENTRY_new_null();
    if (nm->entries == NULL) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB);
        goto fail;
    }
    nm->bytes = BUF_MEM_new();
    if (nm->bytes == NULL) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB);
        goto fail;
    }
    /* No cached encoding yet: force x509_name_ex_i2d() to build one */
    nm->modified = 1;
    *val = (ASN1_VALUE *)nm;
    return 1;

 fail:
    /* entries may be NULL here; sk_*_free tolerates that */
    sk_X509_NAME_ENTRY_free(nm->entries);
    OPENSSL_free(nm);
    return 0;
}
115
/*
 * Release an X509_NAME and everything it owns: the entry stack (and each
 * entry), the cached DER and the canonical encoding. *pval is set to NULL
 * afterwards. A NULL pval or *pval is a no-op. 'it' is unused.
 */
static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    X509_NAME *nm;

    if (pval == NULL)
        return;
    nm = (X509_NAME *)*pval;
    if (nm == NULL)
        return;

    BUF_MEM_free(nm->bytes);
    sk_X509_NAME_ENTRY_pop_free(nm->entries, X509_NAME_ENTRY_free);
    OPENSSL_free(nm->canon_enc);
    OPENSSL_free(nm);
    *pval = NULL;
}
130
/*
 * Free an inner (per-RDN) stack without freeing the entries it holds.
 * Used when the entries are owned elsewhere (the X509_NAME's flat list).
 */
static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *rdn)
{
    sk_X509_NAME_ENTRY_free(rdn);
}
135
/*
 * Free an inner (per-RDN) stack together with every entry still in it.
 * Used when the inner stack owns its entries (canonical copies, or entries
 * not yet moved out during decoding).
 */
static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *rdn)
{
    sk_X509_NAME_ENTRY_pop_free(rdn, X509_NAME_ENTRY_free);
}
140
/*
 * Decode a DER Name into an X509_NAME.
 *
 * The wire form (SEQUENCE OF SET OF X509_NAME_ENTRY) is decoded through the
 * X509_NAME_INTERNAL template into nested stacks, then flattened into the
 * single ->entries list with each entry's ->set recording which RDN it came
 * from. The exact bytes consumed are copied into ->bytes so a later i2d
 * returns the original encoding rather than a re-encoding, and the
 * canonical encoding used for comparisons is computed immediately.
 *
 * Returns the ASN1_item_ex_d2i() result (<= 0) if the inner decode fails or
 * an optional item is absent, in which case *val is untouched; any previous
 * *val is released only after that point, and every later failure returns 0
 * with ERR_R_NESTED_ASN1_ERROR and leaves *val NULL. On success *val holds
 * the new name, *in is advanced past it and the result is 1.
 */
static int x509_name_ex_d2i(ASN1_VALUE **val,
                            const unsigned char **in, long len,
                            const ASN1_ITEM *it, int tag, int aclass,
                            char opt, ASN1_TLC *ctx)
{
    const unsigned char *p = *in, *q;
    union {
        STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
        ASN1_VALUE *a;
    } intname = {
        NULL
    };
    union {
        X509_NAME *x;
        ASN1_VALUE *a;
    } nm = {
        NULL
    };
    int i, j, ret;
    STACK_OF(X509_NAME_ENTRY) *entries;
    X509_NAME_ENTRY *entry;

    /*
     * Untrusted input: never let the generic decoder see more than
     * X509_NAME_MAX bytes. A Name larger than that (or one whose header
     * claims to be) cannot decode, which bounds both the parsing work and
     * the size of the ->bytes copy made below.
     */
    if (len > X509_NAME_MAX)
        len = X509_NAME_MAX;
    q = p;

    /* Get internal representation of Name */
    ret = ASN1_item_ex_d2i(&intname.a,
                           &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
                           tag, aclass, opt, ctx);

    if (ret <= 0)
        return ret;

    if (*val)
        x509_name_ex_free(val, NULL);
    if (!x509_name_ex_new(&nm.a, NULL))
        goto err;
    /*
     * We've decoded it: now cache encoding. q..p is exactly the span the
     * decoder consumed, so x509_name_ex_i2d() can hand back these bytes
     * verbatim (see there) instead of re-encoding the entries.
     */
    if (!BUF_MEM_grow(nm.x->bytes, p - q))
        goto err;
    memcpy(nm.x->bytes->data, q, p - q);

    /*
     * Convert internal representation to X509_NAME structure. Entries are
     * moved, not copied: each one is pushed onto the flat list and its slot
     * in the temporary inner stack is cleared, so whichever container is
     * torn down on the error path below frees each entry exactly once.
     */
    for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
        entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
        for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
            entry = sk_X509_NAME_ENTRY_value(entries, j);
            entry->set = i;  /* RDN index; x509_name_encode() regroups on it */
            if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
                goto err;
            (void)sk_X509_NAME_ENTRY_set(entries, j, NULL);
        }
    }
    /* Canonical form for X509_NAME_cmp()-style comparisons */
    ret = x509_name_canon(nm.x);
    if (!ret)
        goto err;
    /* Entries were all moved out; only the inner stacks themselves remain */
    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
                                         local_sk_X509_NAME_ENTRY_free);
    /* ->bytes and ->canon_enc now match ->entries */
    nm.x->modified = 0;
    *val = nm.a;
    *in = p;
    return ret;

 err:
    /* nm owns the entries already moved; intname owns the rest (cleared slots are NULL) */
    if (nm.x != NULL)
        X509_NAME_free(nm.x);
    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
                                         local_sk_X509_NAME_ENTRY_pop_free);
    ERR_raise(ERR_LIB_ASN1, ERR_R_NESTED_ASN1_ERROR);
    return 0;
}
213
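/*
 * Encode an X509_NAME to DER from its cache.
 *
 * If the name was modified since the cache was last built, ->bytes and
 * ->canon_enc are regenerated first. The cached bytes already carry the
 * outer SEQUENCE header, so they are emitted as-is; 'it', 'tag' and
 * 'aclass' are not used. As with every i2d, a sizing call (out == NULL)
 * returns the length and a second call with a buffer writes it and
 * advances *out.
 *
 * Returns the encoded length, or a negative value on failure.
 */
static int x509_name_ex_i2d(const ASN1_VALUE **val, unsigned char **out,
                            const ASN1_ITEM *it, int tag, int aclass)
{
    X509_NAME *a = (X509_NAME *)*val;
    int len;

    if (a->modified) {
        len = x509_name_encode(a);
        if (len < 0)
            return len;
        if (!x509_name_canon(a)) {
            /*
             * x509_name_encode() has already cleared ->modified. Set it again
             * so the next call retries instead of serving a name whose
             * canonical encoding is missing: comparisons built on
             * ->canon_enc must not silently run against stale state.
             */
            a->modified = 1;
            return -1;
        }
    }
    len = a->bytes->length;
    if (out != NULL) {
        memcpy(*out, a->bytes->data, len);
        *out += len;
    }
    return len;
}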
235
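/*
 * Rebuild the cached DER encoding (->bytes) from ->entries.
 *
 * The flat entry list is regrouped into one inner stack per RDN: a new
 * inner stack is started whenever an entry's ->set differs from the
 * previous entry's, so entries that share a set index are assumed to be
 * adjacent. The inner stacks only borrow the entries and are freed with
 * the non-pop variant.
 *
 * Returns the encoded length and clears ->modified on success, -1 on
 * failure (->modified is left set so a later call tries again).
 */
static int x509_name_encode(X509_NAME *a)
{
    union {
        STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
        const ASN1_VALUE *a;
    } intname = {
        NULL
    };
    int len, written;
    unsigned char *p;
    STACK_OF(X509_NAME_ENTRY) *entries = NULL;
    X509_NAME_ENTRY *entry;
    int i, set = -1;

    intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
    if (!intname.s)
        goto cerr;
    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
        entry = sk_X509_NAME_ENTRY_value(a->entries, i);
        if (entry->set != set) {
            entries = sk_X509_NAME_ENTRY_new_null();
            if (!entries)
                goto cerr;
            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) {
                sk_X509_NAME_ENTRY_free(entries);
                goto cerr;
            }
            set = entry->set;
        }
        if (!sk_X509_NAME_ENTRY_push(entries, entry))
            goto cerr;
    }
    /* Sizing pass: check it explicitly rather than letting -1 reach BUF_MEM_grow() as a size_t */
    len = ASN1_item_ex_i2d(&intname.a, NULL,
                           ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
    if (len < 0)
        goto err;
    if (!BUF_MEM_grow(a->bytes, len)) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_BUF_LIB);
        goto err;
    }
    /* Writing pass: must produce exactly the length computed above */
    p = (unsigned char *)a->bytes->data;
    written = ASN1_item_ex_i2d(&intname.a,
                               &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
    if (written != len) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
                                         local_sk_X509_NAME_ENTRY_free);
    a->modified = 0;
    return len;
 cerr:
    ERR_raise(ERR_LIB_ASN1, ERR_R_CRYPTO_LIB);
 err:
    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
                                         local_sk_X509_NAME_ENTRY_free);
    return -1;
}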
288
/*
 * Print callback for the ASN.1 framework: delegates to X509_NAME_print_ex()
 * using the name flags carried in the print context. 'fname' is unused.
 * Returns 2 on success and 0 on failure, the same contract as before; how
 * the generic printer treats 2 versus 1 is decided outside this file.
 */
static int x509_name_ex_print(BIO *out, const ASN1_VALUE **pval,
                              int indent,
                              const char *fname, const ASN1_PCTX *pctx)
{
    const X509_NAME *nm = (const X509_NAME *)*pval;
    int rv = X509_NAME_print_ex(out, nm, indent, pctx->nm_flags);

    return rv > 0 ? 2 : 0;
}
298
299 /*
300 * This function generates the canonical encoding of the Name structure. In
301 * it all strings are converted to UTF8, leading, trailing and multiple
302 * spaces collapsed, converted to lower case and the leading SEQUENCE header
303 * removed. In future we could also normalize the UTF8 too. By doing this
304 * comparison of Name structures can be rapidly performed by just using
305 * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
306 * constraints of type dirName can also be checked with a simple memcmp().
307 * NOTE: For empty X509_NAME (NULL-DN), canon_enclen == 0 && canon_enc == NULL
308 */
309
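/*
 * Rebuild the canonical encoding (->canon_enc / ->canon_enclen) from
 * ->entries. See the comment above for what "canonical" means here.
 *
 * Each entry is copied (OBJ_dup() plus asn1_string_canon()) into a
 * temporary per-RDN stack, so the temporaries own their entries and are
 * torn down with the pop_free variant. RDNs are grouped by runs of equal
 * ->set, exactly as in x509_name_encode().
 *
 * Returns 1 on success, 0 on failure. On every exit the pair
 * (canon_enc, canon_enclen) is consistent: either both describe a fresh
 * encoding or canon_enc == NULL and canon_enclen == 0.
 */
static int x509_name_canon(X509_NAME *a)
{
    unsigned char *p;
    STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname;
    STACK_OF(X509_NAME_ENTRY) *entries = NULL;
    X509_NAME_ENTRY *entry, *tmpentry = NULL;
    int i, set = -1, ret = 0, len;

    /*
     * Discard any previous encoding and reset the length with it. The
     * length used to keep its old value until a new encoding was stored, so
     * a failure part-way left canon_enc == NULL with a non-zero
     * canon_enclen; a caller that ignored the failure and then compared the
     * name would have read through the NULL pointer.
     */
    OPENSSL_free(a->canon_enc);
    a->canon_enc = NULL;
    a->canon_enclen = 0;
    /* Special case: empty X509_NAME => null encoding */
    if (sk_X509_NAME_ENTRY_num(a->entries) == 0)
        return 1;
    intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
    if (intname == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
        goto err;
    }
    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
        entry = sk_X509_NAME_ENTRY_value(a->entries, i);
        if (entry->set != set) {
            entries = sk_X509_NAME_ENTRY_new_null();
            if (entries == NULL) {
                ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
                goto err;
            }
            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) {
                sk_X509_NAME_ENTRY_free(entries);
                ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
                goto err;
            }
            set = entry->set;
        }
        tmpentry = X509_NAME_ENTRY_new();
        if (tmpentry == NULL) {
            ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
            goto err;
        }
        tmpentry->object = OBJ_dup(entry->object);
        if (tmpentry->object == NULL) {
            ERR_raise(ERR_LIB_X509, ERR_R_OBJ_LIB);
            goto err;
        }
        if (!asn1_string_canon(tmpentry->value, entry->value))
            goto err;
        if (!sk_X509_NAME_ENTRY_push(entries, tmpentry)) {
            ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
            goto err;
        }
        tmpentry = NULL;  /* now owned by 'entries' */
    }

    /* Finally generate encoding: sizing pass first */
    len = i2d_name_canon(intname, NULL);
    if (len < 0)
        goto err;

    p = OPENSSL_malloc(len);
    if (p == NULL)
        goto err;
    a->canon_enc = p;

    /*
     * Writing pass. 'p' is advanced by the encoder; a->canon_enc keeps the
     * start. The two passes must agree, otherwise a partially written
     * buffer would be published as the comparison key.
     */
    if (i2d_name_canon(intname, &p) != len) {
        ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
        OPENSSL_free(a->canon_enc);
        a->canon_enc = NULL;
        goto err;
    }
    a->canon_enclen = len;
    ret = 1;

 err:
    X509_NAME_ENTRY_free(tmpentry);
    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
                                         local_sk_X509_NAME_ENTRY_pop_free);
    return ret;
}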
384
/*
 * Bitmap of all the types of string that will be canonicalized.
 * Any other string tag (NumericString, GeneralString, ...) is copied into
 * the canonical entry unchanged by asn1_string_canon(), so two names that
 * differ only in such a value's case or spacing compare as different.
 */

#define ASN1_MASK_CANON \
        (B_ASN1_UTF8STRING|B_ASN1_BMPSTRING|B_ASN1_UNIVERSALSTRING \
        |B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_IA5STRING \
        |B_ASN1_VISIBLESTRING)
391
/*
 * Produce the canonical form of one directory string into 'out'.
 *
 * Strings whose tag is in ASN1_MASK_CANON are converted to UTF8String and
 * then rewritten in place: leading and trailing ASCII whitespace is dropped,
 * internal runs of ASCII whitespace collapse to a single ' ', ASCII letters
 * are lower-cased, and every byte outside ASCII is copied through untouched.
 * Strings of any other tag are copied verbatim.
 *
 * Security note: only ASCII is folded. Two values that differ in non-ASCII
 * case or in Unicode normalisation form compare as different names, which
 * is narrower than the Unicode-aware comparison RFC 5280 section 7.1
 * describes (the header comment above x509_name_canon() records this as
 * future work). Conversely, the folding applied here means the canonical
 * form is for comparison only and must never be shown or re-used as the
 * original value.
 *
 * 'out' is expected to be a fresh ASN1_STRING: ASN1_STRING_to_UTF8()
 * allocates a new buffer into out->data without freeing what was there.
 * The only caller, x509_name_canon(), passes a newly created entry.
 *
 * Returns 1 on success, 0 on failure.
 */
static int asn1_string_canon(ASN1_STRING *out, const ASN1_STRING *in)
{
    unsigned char *to, *from;
    int len, i;

    /* If type not in bitmask just copy string across */
    if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
        if (!ASN1_STRING_copy(out, in))
            return 0;
        return 1;
    }

    out->type = V_ASN1_UTF8STRING;
    out->length = ASN1_STRING_to_UTF8(&out->data, in);
    if (out->length == -1)
        return 0;

    to = out->data;
    from = to;

    len = out->length;

    /*
     * Convert string in place to canonical form. Ultimately we may need to
     * handle a wider range of characters but for now ignore anything with
     * MSB set and rely on the ossl_isspace() to fail on bad characters without
     * needing isascii or range checks as well.
     */

    /* Ignore leading spaces */
    while (len > 0 && ossl_isspace(*from)) {
        from++;
        len--;
    }

    to = from + len;

    /* Ignore trailing spaces */
    while (len > 0 && ossl_isspace(to[-1])) {
        to--;
        len--;
    }

    /*
     * Rewrite [from, from+len) down to the start of the buffer. The output
     * never grows, so 'to' can never overtake 'from'.
     */
    to = out->data;

    i = 0;
    while (i < len) {
        /* If not ASCII set just copy across */
        if (!ossl_isascii(*from)) {
            *to++ = *from++;
            i++;
        }
        /* Collapse multiple spaces */
        else if (ossl_isspace(*from)) {
            /* Copy one space across */
            *to++ = ' ';
            /*
             * Ignore subsequent spaces. Note: don't need to check len here
             * because we know the last character is a non-space so we can't
             * overflow. (The trailing-space loop above guarantees that.)
             */
            do {
                from++;
                i++;
            }
            while (ossl_isspace(*from));
        } else {
            *to++ = ossl_tolower(*from);
            from++;
            i++;
        }
    }

    /* Length after folding; the allocation itself is left at its original size */
    out->length = to - out->data;

    return 1;

}
470
/*
 * Encode each RDN of 'intname' back to back, without the outer SEQUENCE
 * header of a Name. This is what makes the canonical form directly
 * comparable against dirName name constraints with memcmp().
 *
 * With in == NULL only the total length is computed. Returns that length,
 * or -1 if an RDN fails to encode or the total would overflow an int.
 */
static int i2d_name_canon(const STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
                          unsigned char **in)
{
    STACK_OF(ASN1_VALUE) *rdns = (STACK_OF(ASN1_VALUE) *)_intname;
    const ASN1_VALUE *rdn;
    int idx, piece, total = 0;

    for (idx = 0; idx < sk_ASN1_VALUE_num(rdns); idx++) {
        rdn = sk_ASN1_VALUE_value(rdns, idx);
        piece = ASN1_item_ex_i2d(&rdn, in,
                                 ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
        if (piece < 0)
            return -1;
        /* Guard the running sum before adding (signed overflow is UB) */
        if (total > INT_MAX - piece)
            return -1;
        total += piece;
    }
    return total;
}
489
/*
 * Replace *xn with a copy of 'name', freeing the previous value.
 *
 * Assigning a name to itself is a no-op that succeeds unless both are
 * NULL. *xn is only replaced once the copy has been made, so on failure
 * the caller's existing name is untouched. Returns 1 on success, 0 on
 * failure.
 */
int X509_NAME_set(X509_NAME **xn, const X509_NAME *name)
{
    X509_NAME *fresh;

    if (name == *xn)
        return name != NULL;

    fresh = X509_NAME_dup(name);
    if (fresh == NULL)
        return 0;

    X509_NAME_free(*xn);
    *xn = fresh;
    return 1;
}
502
/*
 * Legacy printer: writes the X509_NAME_oneline() form of 'name' to 'bp'
 * with the leading '/' dropped and the component separators rewritten as
 * ", ". 'obase' is unused.
 *
 * Components are found by scanning the one-line string for a '/' followed
 * by one or two upper-case letters and '=' -- a heuristic, since an
 * attribute value that itself contains such a pattern is split as well.
 * The output is therefore for display only and must not be parsed; use
 * X509_NAME_print_ex() with explicit flags for unambiguous output.
 *
 * Returns 1 on success, 0 on failure (allocation or BIO_write error).
 */
int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase)
{
    char *line, *cur, *start;
    int seg_len;

    line = X509_NAME_oneline(name, NULL, 0);
    if (line == NULL)
        return 0;
    if (*line == '\0') {
        OPENSSL_free(line);
        return 1;
    }
    /* skip the first slash */
    start = cur = line + 1;

    for (;;) {
        int at_end = (*cur == '\0');
        int at_sep = (*cur == '/')
            && ossl_isupper(cur[1])
            && (cur[2] == '=' || (ossl_isupper(cur[2]) && cur[3] == '='));

        if (at_end || at_sep) {
            seg_len = cur - start;
            if (BIO_write(bp, start, seg_len) != seg_len)
                goto err;
            start = cur + 1;            /* skip following slash */
            if (!at_end && BIO_write(bp, ", ", 2) != 2)
                goto err;
        }
        if (at_end)
            break;
        cur++;
    }

    OPENSSL_free(line);
    return 1;
 err:
    ERR_raise(ERR_LIB_X509, ERR_R_BUF_LIB);
    OPENSSL_free(line);
    return 0;
}
545
/*
 * Expose the cached DER encoding of 'nm' without copying.
 *
 * i2d_X509_NAME() is called in sizing mode first so that a modified name
 * has its cache rebuilt (and any encoding error is reported). The returned
 * pointer is into the name's own buffer: it stays valid only while the
 * name is neither modified nor freed, since the next rebuild may grow the
 * buffer. Either output pointer may be NULL. Returns 1 on success, 0 if
 * the encoding cannot be produced.
 */
int X509_NAME_get0_der(const X509_NAME *nm, const unsigned char **pder,
                       size_t *pderlen)
{
    /* Make sure encoding is valid */
    if (i2d_X509_NAME(nm, NULL) <= 0)
        return 0;

    if (pder != NULL)
        *pder = (const unsigned char *)nm->bytes->data;
    if (pderlen != NULL)
        *pderlen = nm->bytes->length;
    return 1;
}
558