rewritten ASN.1 handling string subsystems to use the new libtasn1 APIs.

parent bc9bea2b
......@@ -4,7 +4,7 @@
#include <libtasn1.h>
const ASN1_ARRAY_TYPE gnutls_asn1_tab[] = {
const asn1_static_node gnutls_asn1_tab[] = {
{ "GNUTLS", 536872976, NULL },
{ NULL, 1073741836, NULL },
{ "RSAPublicKey", 1610612741, NULL },
......
......@@ -4,7 +4,7 @@
#include <libtasn1.h>
const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
const asn1_static_node pkix_asn1_tab[] = {
{ "PKIX1", 536875024, NULL },
{ NULL, 1073741836, NULL },
{ "id-pkix", 1879048204, NULL },
......@@ -16,9 +16,9 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "mechanisms", 1073741825, "5"},
{ "pkix", 1, "7"},
{ "PrivateKeyUsagePeriod", 1610612741, NULL },
{ "notBefore", 1619025937, NULL },
{ "notBefore", 1610637349, NULL },
{ NULL, 4104, "0"},
{ "notAfter", 545284113, NULL },
{ "notAfter", 536895525, NULL },
{ NULL, 4104, "1"},
{ "AuthorityKeyIdentifier", 1610612741, NULL },
{ "keyIdentifier", 1610637314, "KeyIdentifier"},
......@@ -31,17 +31,17 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "SubjectKeyIdentifier", 1073741826, "KeyIdentifier"},
{ "KeyUsage", 1073741830, NULL },
{ "DirectoryString", 1610612754, NULL },
{ "teletexString", 1612709890, "TeletexString"},
{ "teletexString", 1612709918, NULL },
{ "MAX", 524298, "1"},
{ "printableString", 1612709890, "PrintableString"},
{ "printableString", 1612709919, NULL },
{ "MAX", 524298, "1"},
{ "universalString", 1612709890, "UniversalString"},
{ "universalString", 1612709920, NULL },
{ "MAX", 524298, "1"},
{ "utf8String", 1612709890, "UTF8String"},
{ "utf8String", 1612709922, NULL },
{ "MAX", 524298, "1"},
{ "bmpString", 1612709890, "BMPString"},
{ "bmpString", 1612709921, NULL },
{ "MAX", 524298, "1"},
{ "ia5String", 538968066, "IA5String"},
{ "ia5String", 538968093, NULL },
{ "MAX", 524298, "1"},
{ "SubjectAltName", 1073741826, "GeneralNames"},
{ "GeneralNames", 1612709899, NULL },
......@@ -50,9 +50,9 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "GeneralName", 1610612754, NULL },
{ "otherName", 1610620930, "AnotherName"},
{ NULL, 4104, "0"},
{ "rfc822Name", 1610620930, "IA5String"},
{ "rfc822Name", 1610620957, NULL },
{ NULL, 4104, "1"},
{ "dNSName", 1610620930, "IA5String"},
{ "dNSName", 1610620957, NULL },
{ NULL, 4104, "2"},
{ "x400Address", 1610620941, NULL },
{ NULL, 4104, "3"},
......@@ -60,7 +60,7 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ NULL, 2056, "4"},
{ "ediPartyName", 1610620941, NULL },
{ NULL, 4104, "5"},
{ "uniformResourceIdentifier", 1610620930, "IA5String"},
{ "uniformResourceIdentifier", 1610620957, NULL },
{ NULL, 4104, "6"},
{ "iPAddress", 1610620935, NULL },
{ NULL, 4104, "7"},
......@@ -174,8 +174,8 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "notBefore", 1073741826, "Time"},
{ "notAfter", 2, "Time"},
{ "Time", 1610612754, NULL },
{ "utcTime", 1090519057, NULL },
{ "generalTime", 8388625, NULL },
{ "utcTime", 1073741860, NULL },
{ "generalTime", 37, NULL },
{ "UniqueIdentifier", 1073741830, NULL },
{ "SubjectPublicKeyInfo", 1610612741, NULL },
{ "algorithm", 1073741826, "AlgorithmIdentifier"},
......@@ -227,20 +227,20 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "g", 3, NULL },
{ "CountryName", 1610620946, NULL },
{ NULL, 1073746952, "1"},
{ "x121-dcc-code", 1612709890, "NumericString"},
{ "x121-dcc-code", 1612709916, NULL },
{ NULL, 1048586, "ub-country-name-numeric-length"},
{ "iso-3166-alpha2-code", 538968066, "PrintableString"},
{ "iso-3166-alpha2-code", 538968095, NULL },
{ NULL, 1048586, "ub-country-name-alpha-length"},
{ "OrganizationName", 1612709890, "PrintableString"},
{ "OrganizationName", 1612709919, NULL },
{ "ub-organization-name-length", 524298, "1"},
{ "NumericUserIdentifier", 1612709890, "NumericString"},
{ "NumericUserIdentifier", 1612709916, NULL },
{ "ub-numeric-user-id-length", 524298, "1"},
{ "OrganizationalUnitNames", 1612709899, NULL },
{ "ub-organizational-units", 1074266122, "1"},
{ NULL, 2, "OrganizationalUnitName"},
{ "OrganizationalUnitName", 1612709890, "PrintableString"},
{ "OrganizationalUnitName", 1612709919, NULL },
{ "ub-organizational-unit-name-length", 524298, "1"},
{ "CommonName", 1073741826, "PrintableString"},
{ "CommonName", 1073741855, NULL },
{ "pkcs-7-ContentInfo", 1610612741, NULL },
{ "contentType", 1073741826, "pkcs-7-ContentType"},
{ "content", 541073421, NULL },
......@@ -294,8 +294,8 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ NULL, 1073741825, "9"},
{ NULL, 1, "7"},
{ "pkcs-9-challengePassword", 1610612754, NULL },
{ "printableString", 1073741826, "PrintableString"},
{ "utf8String", 2, "UTF8String"},
{ "printableString", 1073741855, NULL },
{ "utf8String", 34, NULL },
{ "pkcs-9-localKeyId", 1073741831, NULL },
{ "pkcs-8-PrivateKeyInfo", 1610612741, NULL },
{ "version", 1073741827, NULL },
......@@ -402,7 +402,7 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "policyQualifierId", 1073741836, NULL },
{ "qualifier", 541065229, NULL },
{ "policyQualifierId", 1, NULL },
{ "CPSuri", 1073741826, "IA5String"},
{ "CPSuri", 1073741853, NULL },
{ "UserNotice", 1610612741, NULL },
{ "noticeRef", 1073758210, "NoticeReference"},
{ "explicitText", 16386, "DisplayText"},
......@@ -411,13 +411,13 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "noticeNumbers", 536870923, NULL },
{ NULL, 3, NULL },
{ "DisplayText", 1610612754, NULL },
{ "ia5String", 1612709890, "IA5String"},
{ "ia5String", 1612709917, NULL },
{ "200", 524298, "1"},
{ "visibleString", 1612709890, "VisibleString"},
{ "visibleString", 1612709923, NULL },
{ "200", 524298, "1"},
{ "bmpString", 1612709890, "BMPString"},
{ "bmpString", 1612709921, NULL },
{ "200", 524298, "1"},
{ "utf8String", 538968066, "UTF8String"},
{ "utf8String", 538968098, NULL },
{ "200", 524298, "1"},
{ "OCSPRequest", 1610612741, NULL },
{ "tbsRequest", 1073741826, "TBSRequest"},
......@@ -474,7 +474,7 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ NULL, 1073741833, "0"},
{ NULL, 2056, "0"},
{ "responderID", 1073741826, "ResponderID"},
{ "producedAt", 1082130449, NULL },
{ "producedAt", 1073741861, NULL },
{ "responses", 1610612747, NULL },
{ NULL, 2, "SingleResponse"},
{ "responseExtensions", 536895490, "Extensions"},
......@@ -487,8 +487,8 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "SingleResponse", 1610612741, NULL },
{ "certID", 1073741826, "CertID"},
{ "certStatus", 1073741826, "CertStatus"},
{ "thisUpdate", 1082130449, NULL },
{ "nextUpdate", 1619025937, NULL },
{ "thisUpdate", 1073741861, NULL },
{ "nextUpdate", 1610637349, NULL },
{ NULL, 2056, "0"},
{ "singleExtensions", 536895490, "Extensions"},
{ NULL, 2056, "1"},
......@@ -500,7 +500,7 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[] = {
{ "unknown", 536879106, "UnknownInfo"},
{ NULL, 4104, "2"},
{ "RevokedInfo", 1610612741, NULL },
{ "revocationTime", 1082130449, NULL },
{ "revocationTime", 1073741861, NULL },
{ "revocationReason", 536895490, "CRLReason"},
{ NULL, 2056, "0"},
{ "UnknownInfo", 1073741844, NULL },
......
......@@ -381,7 +381,7 @@ gnutls_datum_t asn1 = { NULL, 0 };
return ret;
}
ret = _gnutls_x509_decode_string(NULL, asn1.data, asn1.size, &td);
ret = _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING, asn1.data, asn1.size, &td);
if (ret < 0)
{
gnutls_assert();
......@@ -1361,7 +1361,7 @@ uint8_t buf[32];
if (format == GNUTLS_TPMKEY_FMT_CTK_PEM)
{
ret = _gnutls_x509_encode_string(NULL, tdata, tint, &tmpkey);
ret = _gnutls_x509_encode_string(ASN1_ETYPE_OCTET_STRING, tdata, tint, &tmpkey);
if (ret < 0)
{
gnutls_assert();
......
......@@ -66,35 +66,21 @@
#define ASN1_NULL "\x05\x00"
#define ASN1_NULL_SIZE 2
typedef enum x509_string_type {
RV_RAW,
RV_OCTET_STRING,
RV_BIT_STRING,
RV_IA5STRING,
RV_UTF8STRING
} x509_string_type;
int _gnutls_x509_set_time (ASN1_TYPE c2, const char *where, time_t tim, int general);
int _gnutls_x509_decode_string (const char *string_type,
int _gnutls_x509_decode_string (unsigned int etype,
const uint8_t * der, size_t der_size,
gnutls_datum_t *output);
int _gnutls_x509_encode_string(const char* string_type,
int _gnutls_x509_encode_string(unsigned int etype,
const void* input_data, size_t input_size,
gnutls_datum_t* output);
int _gnutls_x509_oid_data2string (const char *OID, void *value,
int value_size, char *res,
size_t * res_size);
int _gnutls_x509_dn_to_string (const char *OID, void *value,
int value_size, gnutls_datum_t* out);
int _gnutls_x509_data2hex (const void * data, size_t data_size,
void * out, size_t * sizeof_out);
const char *_gnutls_x509_oid2asn_string (const char *oid);
int _gnutls_x509_oid_data_choice (const char *OID);
int _gnutls_x509_oid_data_printable (const char *OID);
time_t _gnutls_x509_get_time (ASN1_TYPE c2, const char *when, int general);
gnutls_x509_subject_alt_name_t _gnutls_x509_san_find_type (char *str_type);
......@@ -124,9 +110,12 @@ int _gnutls_x509_export_int_named2 (ASN1_TYPE asn1_data, const char *name,
int _gnutls_x509_read_value (ASN1_TYPE c, const char *root,
gnutls_datum_t * ret);
int _gnutls_x509_read_string (ASN1_TYPE c, const char *root,
gnutls_datum_t * ret, x509_string_type type);
gnutls_datum_t * ret, unsigned int etype);
int _gnutls_x509_write_value (ASN1_TYPE c, const char *root,
const gnutls_datum_t * data, x509_string_type type);
const gnutls_datum_t * data);
int _gnutls_x509_write_string (ASN1_TYPE c, const char *root,
const gnutls_datum_t * data, unsigned int etype);
int _gnutls_x509_encode_and_write_attribute (const char *given_oid,
ASN1_TYPE asn1_struct,
......@@ -183,4 +172,6 @@ int set_extension (ASN1_TYPE asn, const char *root,
const char *ext_id,
const gnutls_datum_t * ext_data, unsigned int critical);
int _gnutls_strdatum_to_buf (gnutls_datum_t * d, void* buf, size_t * sizeof_buf);
#endif
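Review bot: The new prototype `_gnutls_strdatum_to_buf (gnutls_datum_t * d, void* buf, size_t * sizeof_buf)` says nothing about who releases `d`. Every caller visible in this commit (`gnutls_x509_crl_get_issuer_dn_by_oid`, `gnutls_x509_crq_get_dn_by_oid`, `gnutls_x509_crq_get_challenge_password`, `gnutls_x509_crq_get_attribute_by_oid`) passes a heap-backed `td` and returns the helper's result without freeing it. The helper therefore has to release `d->data` on the success path and on the short-buffer path alike, or each of these public entry points leaks on every call. Its definition is not among the visible hunks, so this needs confirming there. If that is the contract, a comment on the prototype would make it explicit, for example `/* Consumes d: d->data is always freed, also when GNUTLS_E_SHORT_MEMORY_BUFFER is returned. */`.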
......@@ -215,17 +215,25 @@ gnutls_x509_crl_get_issuer_dn_by_oid (gnutls_x509_crl_t crl,
unsigned int raw_flag, void *buf,
size_t * sizeof_buf)
{
gnutls_datum_t td;
int ret;
if (crl == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
return _gnutls_x509_parse_dn_oid (crl->crl,
ret = _gnutls_x509_parse_dn_oid (crl->crl,
"tbsCertList.issuer.rdnSequence",
oid, indx, raw_flag, buf, sizeof_buf);
oid, indx, raw_flag, &td);
if (ret < 0)
return gnutls_assert_val(ret);
return _gnutls_strdatum_to_buf (&td, buf, sizeof_buf);
}
/**
* gnutls_x509_crl_get_dn_oid:
* @crl: should contain a gnutls_x509_crl_t structure
......
......@@ -285,16 +285,23 @@ gnutls_x509_crq_get_dn_by_oid (gnutls_x509_crq_t crq, const char *oid,
int indx, unsigned int raw_flag,
void *buf, size_t * sizeof_buf)
{
gnutls_datum_t td;
int ret;
if (crq == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
return _gnutls_x509_parse_dn_oid
ret = _gnutls_x509_parse_dn_oid
(crq->crq,
"certificationRequestInfo.subject.rdnSequence",
oid, indx, raw_flag, buf, sizeof_buf);
oid, indx, raw_flag, &td);
if (ret < 0)
return gnutls_assert_val(ret);
return _gnutls_strdatum_to_buf (&td, buf, sizeof_buf);
}
/**
......@@ -339,14 +346,15 @@ gnutls_x509_crq_get_dn_oid (gnutls_x509_crq_t crq,
static int
parse_attribute (ASN1_TYPE asn1_struct,
const char *attr_name, const char *given_oid, int indx,
int raw, char *buf, size_t * sizeof_buf)
int raw, gnutls_datum_t * out)
{
int k1, result;
char tmpbuffer1[ASN1_MAX_NAME_SIZE];
char tmpbuffer3[ASN1_MAX_NAME_SIZE];
char value[200];
gnutls_datum_t td;
char oid[MAX_OID_SIZE];
int len, printable;
int len;
k1 = 0;
do
......@@ -404,7 +412,7 @@ parse_attribute (ASN1_TYPE asn1_struct,
tmpbuffer1, indx + 1);
len = sizeof (value) - 1;
result = asn1_read_value (asn1_struct, tmpbuffer3, value, &len);
result = _gnutls_x509_read_value (asn1_struct, tmpbuffer3, &td);
if (result != ASN1_SUCCESS)
{
......@@ -415,38 +423,25 @@ parse_attribute (ASN1_TYPE asn1_struct,
if (raw == 0)
{
printable = _gnutls_x509_oid_data_printable (oid);
if (printable == 1)
{
if ((result =
_gnutls_x509_oid_data2string
(oid, value, len, buf, sizeof_buf)) < 0)
{
gnutls_assert ();
goto cleanup;
}
return 0;
}
else
result =
_gnutls_x509_dn_to_string
(oid, td.data, td.size, out);
_gnutls_free_datum(&td);
if (result < 0)
{
gnutls_assert ();
return GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE;
goto cleanup;
}
return 0;
}
else
{ /* raw!=0 */
if (*sizeof_buf >= (size_t) len && buf != NULL)
{
*sizeof_buf = len;
memcpy (buf, value, len);
return 0;
}
else
{
*sizeof_buf = len;
return GNUTLS_E_SHORT_MEMORY_BUFFER;
}
out->data = td.data;
out->size = td.size;
return 0;
}
}
......@@ -464,8 +459,8 @@ cleanup:
/**
* gnutls_x509_crq_get_challenge_password:
* @crq: should contain a #gnutls_x509_crq_t structure
* @pass: will hold a (0)-terminated password string
* @sizeof_pass: Initially holds the size of @pass.
* @buf: will hold a (0)-terminated password string
* @sizeof_buf: Initially holds the size of @pass.
*
* This function will return the challenge password in the request.
* The challenge password is intended to be used for requesting a
......@@ -476,16 +471,23 @@ cleanup:
**/
int
gnutls_x509_crq_get_challenge_password (gnutls_x509_crq_t crq,
char *pass, size_t * sizeof_pass)
char *buf, size_t * sizeof_buf)
{
gnutls_datum_t td;
int ret;
if (crq == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
return parse_attribute (crq->crq, "certificationRequestInfo.attributes",
"1.2.840.113549.1.9.7", 0, 0, pass, sizeof_pass);
ret = parse_attribute (crq->crq, "certificationRequestInfo.attributes",
"1.2.840.113549.1.9.7", 0, 0, &td);
if (ret < 0)
return gnutls_assert_val(ret);
return _gnutls_strdatum_to_buf (&td, buf, sizeof_buf);
}
/* This function will attempt to set the requested attribute in
......@@ -531,7 +533,7 @@ add_attribute (ASN1_TYPE asn, const char *root, const char *attribute_id,
snprintf (name, sizeof (name), "%s.?LAST.values.?LAST", root);
result = _gnutls_x509_write_value (asn, name, ext_data, 0);
result = _gnutls_x509_write_value (asn, name, ext_data);
if (result < 0)
{
gnutls_assert ();
......@@ -556,7 +558,7 @@ overwrite_attribute (ASN1_TYPE asn, const char *root, unsigned int indx,
_gnutls_str_cpy (name2, sizeof (name2), name);
_gnutls_str_cat (name2, sizeof (name2), ".values.?LAST");
result = _gnutls_x509_write_value (asn, name2, ext_data, 0);
result = _gnutls_x509_write_value (asn, name2, ext_data);
if (result < 0)
{
gnutls_assert ();
......@@ -700,14 +702,21 @@ gnutls_x509_crq_get_attribute_by_oid (gnutls_x509_crq_t crq,
const char *oid, int indx, void *buf,
size_t * sizeof_buf)
{
int ret;
gnutls_datum_t td;
if (crq == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
return parse_attribute (crq->crq, "certificationRequestInfo.attributes",
oid, indx, 1, buf, sizeof_buf);
ret = parse_attribute (crq->crq, "certificationRequestInfo.attributes",
oid, indx, 1, &td);
if (ret < 0)
return gnutls_assert_val(ret);
return _gnutls_strdatum_to_buf (&td, buf, sizeof_buf);
}
/**
......
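Review bot: In `parse_attribute`, the read that now goes through `_gnutls_x509_read_value (asn1_struct, tmpbuffer3, &td)` is still followed by the libtasn1-style test `if (result != ASN1_SUCCESS)`. The same conversion in `_gnutls_x509_parse_dn_oid` changes the test to `if (result < 0)`, which suggests the helper returns gnutls error codes rather than libtasn1 ones. The body of that `if` lies outside the hunk; if it still runs `_gnutls_asn2err (result)`, a gnutls code would be translated as if it were a libtasn1 code and callers would receive a misleading error. I would write `if (result < 0)` here and pass `result` through unchanged. The `char value[200];` buffer and `len = sizeof (value) - 1;` also appear to be unused after the switch and could be dropped, though the rest of the function is not visible.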
......@@ -78,12 +78,12 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct,
char tmpbuffer2[ASN1_MAX_NAME_SIZE];
char tmpbuffer3[ASN1_MAX_NAME_SIZE];
uint8_t value[MAX_STRING_LEN], *value2 = NULL;
gnutls_datum_t td;
char *escaped = NULL;
const char *ldap_desc;
char oid[MAX_OID_SIZE];
int len, printable;
char *string = NULL;
size_t sizeof_string, sizeof_escaped;
int len;
size_t sizeof_escaped;
if (sizeof_buf == NULL)
{
......@@ -226,7 +226,6 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct,
}
ldap_desc = gnutls_x509_dn_oid_name (oid, GNUTLS_X509_DN_OID_RETURN_OID);
printable = _gnutls_x509_oid_data_printable (oid);
/* leading #, hex encoded value and terminating NULL */
sizeof_escaped = 2 * len + 2;
......@@ -239,43 +238,22 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct,
goto cleanup;
}
sizeof_string = 2 * len + 2; /* in case it is not printable */
string = gnutls_malloc (sizeof_string);
if (string == NULL)
{
gnutls_assert ();
result = GNUTLS_E_MEMORY_ERROR;
goto cleanup;
}
STR_APPEND (ldap_desc);
STR_APPEND ("=");
result = 0;
if (printable)
result =
_gnutls_x509_oid_data2string (oid,
value2, len,
string, &sizeof_string);
if (!printable || result < 0)
result =
_gnutls_x509_data2hex (value2, len, string, &sizeof_string);
result =
_gnutls_x509_dn_to_string (oid, value2, len, &td);
if (result < 0)
{
gnutls_assert ();
_gnutls_debug_log
("Found OID: '%s' with value '%s'\n",
("Cannot parse OID: '%s' with value '%s'\n",
oid, _gnutls_bin2hex (value2, len, escaped, sizeof_escaped,
NULL));
goto cleanup;
}
STR_APPEND (str_escape (string, escaped, sizeof_escaped));
gnutls_free (string);
string = NULL;
STR_APPEND (str_escape ((char*)td.data, escaped, sizeof_escaped));
_gnutls_free_datum (&td);
gnutls_free (escaped);
escaped = NULL;
gnutls_free (value2);
......@@ -307,7 +285,6 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct,
cleanup:
gnutls_free (value2);
gnutls_free (string);
gnutls_free (escaped);
_gnutls_buffer_clear (&out_str);
return result;
......@@ -330,22 +307,17 @@ _gnutls_x509_parse_dn_oid (ASN1_TYPE asn1_struct,
const char *asn1_rdn_name,
const char *given_oid, int indx,
unsigned int raw_flag,
void *buf, size_t * sizeof_buf)
gnutls_datum_t* out)
{
int k2, k1, result;
char tmpbuffer1[ASN1_MAX_NAME_SIZE];
char tmpbuffer2[ASN1_MAX_NAME_SIZE];
char tmpbuffer3[ASN1_MAX_NAME_SIZE];
gnutls_datum_t td;
uint8_t value[256];
char oid[MAX_OID_SIZE];
int len, printable;
int len;
int i = 0;
char *cbuf = buf;
if (cbuf == NULL)
*sizeof_buf = 0;
else
cbuf[0] = 0;
k1 = 0;
do
......@@ -431,43 +403,26 @@ _gnutls_x509_parse_dn_oid (ASN1_TYPE asn1_struct,
_gnutls_str_cpy (tmpbuffer3, sizeof (tmpbuffer3), tmpbuffer2);
_gnutls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value");
len = *sizeof_buf;
result = asn1_read_value (asn1_struct, tmpbuffer3, buf, &len);
if (result != ASN1_SUCCESS)
result = _gnutls_x509_read_value(asn1_struct, tmpbuffer3, &td);
if (result < 0)
{
gnutls_assert ();
if (result == ASN1_MEM_ERROR)
*sizeof_buf = len;
result = _gnutls_asn2err (result);
goto cleanup;
}
if (raw_flag != 0)
{
if ((unsigned) len > *sizeof_buf)
{
*sizeof_buf = len;
result = GNUTLS_E_SHORT_MEMORY_BUFFER;
goto cleanup;
}
*sizeof_buf = len;
out->data = td.data;
out->size = td.size;
return 0;
}
else
{ /* parse data. raw_flag == 0 */
printable = _gnutls_x509_oid_data_printable (oid);
if (printable == 1)
result =
_gnutls_x509_oid_data2string (oid, buf, len,