michael@0: /* alg1485.c - implementation of RFCs 1485, 1779 and 2253. michael@0: * michael@0: * This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: #include "prprf.h" michael@0: #include "cert.h" michael@0: #include "certi.h" michael@0: #include "xconst.h" michael@0: #include "genname.h" michael@0: #include "secitem.h" michael@0: #include "secerr.h" michael@0: michael@0: typedef struct NameToKindStr { michael@0: const char * name; michael@0: unsigned int maxLen; /* max bytes in UTF8 encoded string value */ michael@0: SECOidTag kind; michael@0: int valueType; michael@0: } NameToKind; michael@0: michael@0: /* local type for directory string--could be printable_string or utf8 */ michael@0: #define SEC_ASN1_DS SEC_ASN1_HIGH_TAG_NUMBER michael@0: michael@0: /* Add new entries to this table, and maybe to function ParseRFC1485AVA */ michael@0: static const NameToKind name2kinds[] = { michael@0: /* IANA registered type names michael@0: * (See: http://www.iana.org/assignments/ldap-parameters) michael@0: */ michael@0: /* RFC 3280, 4630 MUST SUPPORT */ michael@0: { "CN", 640, SEC_OID_AVA_COMMON_NAME, SEC_ASN1_DS}, michael@0: { "ST", 128, SEC_OID_AVA_STATE_OR_PROVINCE, michael@0: SEC_ASN1_DS}, michael@0: { "O", 128, SEC_OID_AVA_ORGANIZATION_NAME, michael@0: SEC_ASN1_DS}, michael@0: { "OU", 128, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME, michael@0: SEC_ASN1_DS}, michael@0: { "dnQualifier", 32767, SEC_OID_AVA_DN_QUALIFIER, SEC_ASN1_PRINTABLE_STRING}, michael@0: { "C", 2, SEC_OID_AVA_COUNTRY_NAME, SEC_ASN1_PRINTABLE_STRING}, michael@0: { "serialNumber", 64, SEC_OID_AVA_SERIAL_NUMBER,SEC_ASN1_PRINTABLE_STRING}, michael@0: michael@0: /* RFC 3280, 4630 SHOULD SUPPORT */ michael@0: { "L", 128, SEC_OID_AVA_LOCALITY, SEC_ASN1_DS}, michael@0: { "title", 64, SEC_OID_AVA_TITLE, SEC_ASN1_DS}, michael@0: { "SN", 64, SEC_OID_AVA_SURNAME, SEC_ASN1_DS}, michael@0: { "givenName", 64, SEC_OID_AVA_GIVEN_NAME, SEC_ASN1_DS}, michael@0: { "initials", 64, SEC_OID_AVA_INITIALS, SEC_ASN1_DS}, michael@0: { "generationQualifier", michael@0: 64, SEC_OID_AVA_GENERATION_QUALIFIER, michael@0: SEC_ASN1_DS}, michael@0: /* RFC 3280, 4630 MAY SUPPORT */ michael@0: { "DC", 128, SEC_OID_AVA_DC, SEC_ASN1_IA5_STRING}, michael@0: { "MAIL", 256, SEC_OID_RFC1274_MAIL, SEC_ASN1_IA5_STRING}, michael@0: { "UID", 256, SEC_OID_RFC1274_UID, SEC_ASN1_DS}, michael@0: michael@0: /* ------------------ "strict" boundary --------------------------------- michael@0: * In strict mode, cert_NameToAscii does not encode any of the attributes michael@0: * below this line. The first SECOidTag below this line must be used to michael@0: * conditionally define the "endKind" in function AppendAVA() below. michael@0: * Most new attribute names should be added below this line. michael@0: * Maybe this line should be up higher? Say, after the 3280 MUSTs and michael@0: * before the 3280 SHOULDs? michael@0: */ michael@0: michael@0: /* values from draft-ietf-ldapbis-user-schema-05 (not in RFC 3280) */ michael@0: { "postalAddress", 128, SEC_OID_AVA_POSTAL_ADDRESS, SEC_ASN1_DS}, michael@0: { "postalCode", 40, SEC_OID_AVA_POSTAL_CODE, SEC_ASN1_DS}, michael@0: { "postOfficeBox", 40, SEC_OID_AVA_POST_OFFICE_BOX,SEC_ASN1_DS}, michael@0: { "houseIdentifier",64, SEC_OID_AVA_HOUSE_IDENTIFIER,SEC_ASN1_DS}, michael@0: /* end of IANA registered type names */ michael@0: michael@0: /* legacy keywords */ michael@0: { "E", 128, SEC_OID_PKCS9_EMAIL_ADDRESS,SEC_ASN1_IA5_STRING}, michael@0: { "STREET", 128, SEC_OID_AVA_STREET_ADDRESS, SEC_ASN1_DS}, michael@0: { "pseudonym", 64, SEC_OID_AVA_PSEUDONYM, SEC_ASN1_DS}, michael@0: michael@0: /* values defined by the CAB Forum for EV */ michael@0: { "incorporationLocality", 128, SEC_OID_EV_INCORPORATION_LOCALITY, michael@0: SEC_ASN1_DS}, michael@0: { "incorporationState", 128, SEC_OID_EV_INCORPORATION_STATE, michael@0: SEC_ASN1_DS}, michael@0: { "incorporationCountry", 2, SEC_OID_EV_INCORPORATION_COUNTRY, michael@0: SEC_ASN1_PRINTABLE_STRING}, michael@0: { "businessCategory", 64, SEC_OID_BUSINESS_CATEGORY, SEC_ASN1_DS}, michael@0: michael@0: /* values defined in X.520 */ michael@0: { "name", 64, SEC_OID_AVA_NAME, SEC_ASN1_DS}, michael@0: michael@0: { 0, 256, SEC_OID_UNKNOWN, 0}, michael@0: }; michael@0: michael@0: /* Table facilitates conversion of ASCII hex to binary. */ michael@0: static const PRInt16 x2b[256] = { michael@0: /* #0x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #1x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #2x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #3x */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1, michael@0: /* #4x */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #5x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #6x */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #7x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #8x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #9x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #ax */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #bx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #cx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #dx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #ex */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, michael@0: /* #fx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 michael@0: }; michael@0: michael@0: #define IS_HEX(c) (x2b[(PRUint8)(c)] >= 0) michael@0: michael@0: #define C_DOUBLE_QUOTE '\042' michael@0: michael@0: #define C_BACKSLASH '\134' michael@0: michael@0: #define C_EQUAL '=' michael@0: michael@0: #define OPTIONAL_SPACE(c) \ michael@0: (((c) == ' ') || ((c) == '\r') || ((c) == '\n')) michael@0: michael@0: #define SPECIAL_CHAR(c) \ michael@0: (((c) == ',') || ((c) == '=') || ((c) == C_DOUBLE_QUOTE) || \ michael@0: ((c) == '\r') || ((c) == '\n') || ((c) == '+') || \ michael@0: ((c) == '<') || ((c) == '>') || ((c) == '#') || \ michael@0: ((c) == ';') || ((c) == C_BACKSLASH)) michael@0: michael@0: michael@0: #define IS_PRINTABLE(c) \ michael@0: ((((c) >= 'a') && ((c) <= 'z')) || \ michael@0: (((c) >= 'A') && ((c) <= 'Z')) || \ michael@0: (((c) >= '0') && ((c) <= '9')) || \ michael@0: ((c) == ' ') || \ michael@0: ((c) == '\'') || \ michael@0: ((c) == '\050') || /* ( */ \ michael@0: ((c) == '\051') || /* ) */ \ michael@0: (((c) >= '+') && ((c) <= '/')) || /* + , - . / */ \ michael@0: ((c) == ':') || \ michael@0: ((c) == '=') || \ michael@0: ((c) == '?')) michael@0: michael@0: /* RFC 2253 says we must escape ",+\"\\<>;=" EXCEPT inside a quoted string. michael@0: * Inside a quoted string, we only need to escape " and \ michael@0: * We choose to quote strings containing any of those special characters, michael@0: * so we only need to escape " and \ michael@0: */ michael@0: #define NEEDS_ESCAPE(c) \ michael@0: (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) michael@0: michael@0: #define NEEDS_HEX_ESCAPE(c) \ michael@0: ((PRUint8)c < 0x20 || c == 0x7f) michael@0: michael@0: int michael@0: cert_AVAOidTagToMaxLen(SECOidTag tag) michael@0: { michael@0: const NameToKind *n2k = name2kinds; michael@0: michael@0: while (n2k->kind != tag && n2k->kind != SEC_OID_UNKNOWN) { michael@0: ++n2k; michael@0: } michael@0: return (n2k->kind != SEC_OID_UNKNOWN) ? n2k->maxLen : -1; michael@0: } michael@0: michael@0: static PRBool michael@0: IsPrintable(unsigned char *data, unsigned len) michael@0: { michael@0: unsigned char ch, *end; michael@0: michael@0: end = data + len; michael@0: while (data < end) { michael@0: ch = *data++; michael@0: if (!IS_PRINTABLE(ch)) { michael@0: return PR_FALSE; michael@0: } michael@0: } michael@0: return PR_TRUE; michael@0: } michael@0: michael@0: static void michael@0: skipSpace(const char **pbp, const char *endptr) michael@0: { michael@0: const char *bp = *pbp; michael@0: while (bp < endptr && OPTIONAL_SPACE(*bp)) { michael@0: bp++; michael@0: } michael@0: *pbp = bp; michael@0: } michael@0: michael@0: static SECStatus michael@0: scanTag(const char **pbp, const char *endptr, char *tagBuf, int tagBufSize) michael@0: { michael@0: const char *bp; michael@0: char *tagBufp; michael@0: int taglen; michael@0: michael@0: PORT_Assert(tagBufSize > 0); michael@0: michael@0: /* skip optional leading space */ michael@0: skipSpace(pbp, endptr); michael@0: if (*pbp == endptr) { michael@0: /* nothing left */ michael@0: return SECFailure; michael@0: } michael@0: michael@0: /* fill tagBuf */ michael@0: taglen = 0; michael@0: bp = *pbp; michael@0: tagBufp = tagBuf; michael@0: while (bp < endptr && !OPTIONAL_SPACE(*bp) && (*bp != C_EQUAL)) { michael@0: if (++taglen >= tagBufSize) { michael@0: *pbp = bp; michael@0: return SECFailure; michael@0: } michael@0: *tagBufp++ = *bp++; michael@0: } michael@0: /* null-terminate tagBuf -- guaranteed at least one space left */ michael@0: *tagBufp++ = 0; michael@0: *pbp = bp; michael@0: michael@0: /* skip trailing spaces till we hit something - should be an equal sign */ michael@0: skipSpace(pbp, endptr); michael@0: if (*pbp == endptr) { michael@0: /* nothing left */ michael@0: return SECFailure; michael@0: } michael@0: if (**pbp != C_EQUAL) { michael@0: /* should be an equal sign */ michael@0: return SECFailure; michael@0: } michael@0: /* skip over the equal sign */ michael@0: (*pbp)++; michael@0: michael@0: return SECSuccess; michael@0: } michael@0: michael@0: /* Returns the number of bytes in the value. 0 means failure. */ michael@0: static int michael@0: scanVal(const char **pbp, const char *endptr, char *valBuf, int valBufSize) michael@0: { michael@0: const char *bp; michael@0: char *valBufp; michael@0: int vallen = 0; michael@0: PRBool isQuoted; michael@0: michael@0: PORT_Assert(valBufSize > 0); michael@0: michael@0: /* skip optional leading space */ michael@0: skipSpace(pbp, endptr); michael@0: if(*pbp == endptr) { michael@0: /* nothing left */ michael@0: return 0; michael@0: } michael@0: michael@0: bp = *pbp; michael@0: michael@0: /* quoted? */ michael@0: if (*bp == C_DOUBLE_QUOTE) { michael@0: isQuoted = PR_TRUE; michael@0: /* skip over it */ michael@0: bp++; michael@0: } else { michael@0: isQuoted = PR_FALSE; michael@0: } michael@0: michael@0: valBufp = valBuf; michael@0: while (bp < endptr) { michael@0: char c = *bp; michael@0: if (c == C_BACKSLASH) { michael@0: /* escape character */ michael@0: bp++; michael@0: if (bp >= endptr) { michael@0: /* escape charater must appear with paired char */ michael@0: *pbp = bp; michael@0: return 0; michael@0: } michael@0: c = *bp; michael@0: if (IS_HEX(c) && (endptr - bp) >= 2 && IS_HEX(bp[1])) { michael@0: bp++; michael@0: c = (char)((x2b[(PRUint8)c] << 4) | x2b[(PRUint8)*bp]); michael@0: } michael@0: } else if (c == '#' && bp == *pbp) { michael@0: /* ignore leading #, quotation not required for it. */ michael@0: } else if (!isQuoted && SPECIAL_CHAR(c)) { michael@0: /* unescaped special and not within quoted value */ michael@0: break; michael@0: } else if (c == C_DOUBLE_QUOTE) { michael@0: /* reached unescaped double quote */ michael@0: break; michael@0: } michael@0: /* append character */ michael@0: vallen++; michael@0: if (vallen >= valBufSize) { michael@0: *pbp = bp; michael@0: return 0; michael@0: } michael@0: *valBufp++ = c; michael@0: bp++; michael@0: } michael@0: michael@0: /* strip trailing spaces from unquoted values */ michael@0: if (!isQuoted) { michael@0: while (valBufp > valBuf) { michael@0: char c = valBufp[-1]; michael@0: if (! OPTIONAL_SPACE(c)) michael@0: break; michael@0: --valBufp; michael@0: } michael@0: vallen = valBufp - valBuf; michael@0: } michael@0: michael@0: if (isQuoted) { michael@0: /* insist that we stopped on a double quote */ michael@0: if (*bp != C_DOUBLE_QUOTE) { michael@0: *pbp = bp; michael@0: return 0; michael@0: } michael@0: /* skip over the quote and skip optional space */ michael@0: bp++; michael@0: skipSpace(&bp, endptr); michael@0: } michael@0: michael@0: *pbp = bp; michael@0: michael@0: /* null-terminate valBuf -- guaranteed at least one space left */ michael@0: *valBufp = 0; michael@0: michael@0: return vallen; michael@0: } michael@0: michael@0: /* Caller must set error code upon failure */ michael@0: static SECStatus michael@0: hexToBin(PLArenaPool *pool, SECItem * destItem, const char * src, int len) michael@0: { michael@0: PRUint8 * dest; michael@0: michael@0: destItem->data = NULL; michael@0: if (len <= 0 || (len & 1)) { michael@0: goto loser; michael@0: } michael@0: len >>= 1; michael@0: if (!SECITEM_AllocItem(pool, destItem, len)) michael@0: goto loser; michael@0: dest = destItem->data; michael@0: for (; len > 0; len--, src += 2) { michael@0: PRInt16 bin = (x2b[(PRUint8)src[0]] << 4) | x2b[(PRUint8)src[1]]; michael@0: if (bin < 0) michael@0: goto loser; michael@0: *dest++ = (PRUint8)bin; michael@0: } michael@0: return SECSuccess; michael@0: loser: michael@0: if (!pool) michael@0: SECITEM_FreeItem(destItem, PR_FALSE); michael@0: return SECFailure; michael@0: } michael@0: michael@0: /* Parses one AVA, starting at *pbp. Stops at endptr. michael@0: * Advances *pbp past parsed AVA and trailing separator (if present). michael@0: * On any error, returns NULL and *pbp is undefined. michael@0: * On success, returns CERTAVA allocated from arena, and (*pbp)[-1] was michael@0: * the last character parsed. *pbp is either equal to endptr or michael@0: * points to first character after separator. michael@0: */ michael@0: static CERTAVA * michael@0: ParseRFC1485AVA(PLArenaPool *arena, const char **pbp, const char *endptr) michael@0: { michael@0: CERTAVA *a; michael@0: const NameToKind *n2k; michael@0: const char *bp; michael@0: int vt = -1; michael@0: int valLen; michael@0: SECOidTag kind = SEC_OID_UNKNOWN; michael@0: SECStatus rv = SECFailure; michael@0: SECItem derOid = { 0, NULL, 0 }; michael@0: SECItem derVal = { 0, NULL, 0}; michael@0: char sep = 0; michael@0: michael@0: char tagBuf[32]; michael@0: char valBuf[1024]; michael@0: michael@0: PORT_Assert(arena); michael@0: if (SECSuccess != scanTag(pbp, endptr, tagBuf, sizeof tagBuf) || michael@0: !(valLen = scanVal(pbp, endptr, valBuf, sizeof valBuf))) { michael@0: goto loser; michael@0: } michael@0: michael@0: bp = *pbp; michael@0: if (bp < endptr) { michael@0: sep = *bp++; /* skip over separator */ michael@0: } michael@0: *pbp = bp; michael@0: /* if we haven't finished, insist that we've stopped on a separator */ michael@0: if (sep && sep != ',' && sep != ';' && sep != '+') { michael@0: goto loser; michael@0: } michael@0: michael@0: /* is this a dotted decimal OID attribute type ? */ michael@0: if (!PL_strncasecmp("oid.", tagBuf, 4)) { michael@0: rv = SEC_StringToOID(arena, &derOid, tagBuf, strlen(tagBuf)); michael@0: } else { michael@0: for (n2k = name2kinds; n2k->name; n2k++) { michael@0: SECOidData *oidrec; michael@0: if (PORT_Strcasecmp(n2k->name, tagBuf) == 0) { michael@0: kind = n2k->kind; michael@0: vt = n2k->valueType; michael@0: oidrec = SECOID_FindOIDByTag(kind); michael@0: if (oidrec == NULL) michael@0: goto loser; michael@0: derOid = oidrec->oid; michael@0: break; michael@0: } michael@0: } michael@0: } michael@0: if (kind == SEC_OID_UNKNOWN && rv != SECSuccess) michael@0: goto loser; michael@0: michael@0: /* Is this a hex encoding of a DER attribute value ? */ michael@0: if ('#' == valBuf[0]) { michael@0: /* convert attribute value from hex to binary */ michael@0: rv = hexToBin(arena, &derVal, valBuf + 1, valLen - 1); michael@0: if (rv) michael@0: goto loser; michael@0: a = CERT_CreateAVAFromRaw(arena, &derOid, &derVal); michael@0: } else { michael@0: if (kind == SEC_OID_UNKNOWN) michael@0: goto loser; michael@0: if (kind == SEC_OID_AVA_COUNTRY_NAME && valLen != 2) michael@0: goto loser; michael@0: if (vt == SEC_ASN1_PRINTABLE_STRING && michael@0: !IsPrintable((unsigned char*) valBuf, valLen)) michael@0: goto loser; michael@0: if (vt == SEC_ASN1_DS) { michael@0: /* RFC 4630: choose PrintableString or UTF8String */ michael@0: if (IsPrintable((unsigned char*) valBuf, valLen)) michael@0: vt = SEC_ASN1_PRINTABLE_STRING; michael@0: else michael@0: vt = SEC_ASN1_UTF8_STRING; michael@0: } michael@0: michael@0: derVal.data = (unsigned char*) valBuf; michael@0: derVal.len = valLen; michael@0: a = CERT_CreateAVAFromSECItem(arena, kind, vt, &derVal); michael@0: } michael@0: return a; michael@0: michael@0: loser: michael@0: /* matched no kind -- invalid tag */ michael@0: PORT_SetError(SEC_ERROR_INVALID_AVA); michael@0: return 0; michael@0: } michael@0: michael@0: static CERTName * michael@0: ParseRFC1485Name(const char *buf, int len) michael@0: { michael@0: SECStatus rv; michael@0: CERTName *name; michael@0: const char *bp, *e; michael@0: CERTAVA *ava; michael@0: CERTRDN *rdn = NULL; michael@0: michael@0: name = CERT_CreateName(NULL); michael@0: if (name == NULL) { michael@0: return NULL; michael@0: } michael@0: michael@0: e = buf + len; michael@0: bp = buf; michael@0: while (bp < e) { michael@0: ava = ParseRFC1485AVA(name->arena, &bp, e); michael@0: if (ava == 0) michael@0: goto loser; michael@0: if (!rdn) { michael@0: rdn = CERT_CreateRDN(name->arena, ava, (CERTAVA *)0); michael@0: if (rdn == 0) michael@0: goto loser; michael@0: rv = CERT_AddRDN(name, rdn); michael@0: } else { michael@0: rv = CERT_AddAVA(name->arena, rdn, ava); michael@0: } michael@0: if (rv) michael@0: goto loser; michael@0: if (bp[-1] != '+') michael@0: rdn = NULL; /* done with this RDN */ michael@0: skipSpace(&bp, e); michael@0: } michael@0: michael@0: if (name->rdns[0] == 0) { michael@0: /* empty name -- illegal */ michael@0: goto loser; michael@0: } michael@0: michael@0: /* Reverse order of RDNS to comply with RFC */ michael@0: { michael@0: CERTRDN **firstRdn; michael@0: CERTRDN **lastRdn; michael@0: CERTRDN *tmp; michael@0: michael@0: /* get first one */ michael@0: firstRdn = name->rdns; michael@0: michael@0: /* find last one */ michael@0: lastRdn = name->rdns; michael@0: while (*lastRdn) lastRdn++; michael@0: lastRdn--; michael@0: michael@0: /* reverse list */ michael@0: for ( ; firstRdn < lastRdn; firstRdn++, lastRdn--) { michael@0: tmp = *firstRdn; michael@0: *firstRdn = *lastRdn; michael@0: *lastRdn = tmp; michael@0: } michael@0: } michael@0: michael@0: /* return result */ michael@0: return name; michael@0: michael@0: loser: michael@0: CERT_DestroyName(name); michael@0: return NULL; michael@0: } michael@0: michael@0: CERTName * michael@0: CERT_AsciiToName(const char *string) michael@0: { michael@0: CERTName *name; michael@0: name = ParseRFC1485Name(string, PORT_Strlen(string)); michael@0: return name; michael@0: } michael@0: michael@0: /************************************************************************/ michael@0: michael@0: typedef struct stringBufStr { michael@0: char *buffer; michael@0: unsigned offset; michael@0: unsigned size; michael@0: } stringBuf; michael@0: michael@0: #define DEFAULT_BUFFER_SIZE 200 michael@0: michael@0: static SECStatus michael@0: AppendStr(stringBuf *bufp, char *str) michael@0: { michael@0: char *buf; michael@0: unsigned bufLen, bufSize, len; michael@0: int size = 0; michael@0: michael@0: /* Figure out how much to grow buf by (add in the '\0') */ michael@0: buf = bufp->buffer; michael@0: bufLen = bufp->offset; michael@0: len = PORT_Strlen(str); michael@0: bufSize = bufLen + len; michael@0: if (!buf) { michael@0: bufSize++; michael@0: size = PR_MAX(DEFAULT_BUFFER_SIZE,bufSize*2); michael@0: buf = (char *) PORT_Alloc(size); michael@0: bufp->size = size; michael@0: } else if (bufp->size < bufSize) { michael@0: size = bufSize*2; michael@0: buf =(char *) PORT_Realloc(buf,size); michael@0: bufp->size = size; michael@0: } michael@0: if (!buf) { michael@0: PORT_SetError(SEC_ERROR_NO_MEMORY); michael@0: return SECFailure; michael@0: } michael@0: bufp->buffer = buf; michael@0: bufp->offset = bufSize; michael@0: michael@0: /* Concatenate str onto buf */ michael@0: buf = buf + bufLen; michael@0: if (bufLen) buf--; /* stomp on old '\0' */ michael@0: PORT_Memcpy(buf, str, len+1); /* put in new null */ michael@0: return SECSuccess; michael@0: } michael@0: michael@0: typedef enum { michael@0: minimalEscape = 0, /* only hex escapes, and " and \ */ michael@0: minimalEscapeAndQuote, /* as above, plus quoting */ michael@0: fullEscape /* no quoting, full escaping */ michael@0: } EQMode; michael@0: michael@0: /* Some characters must be escaped as a hex string, e.g. c -> \nn . michael@0: * Others must be escaped by preceding with a '\', e.g. c -> \c , but michael@0: * there are certain "special characters" that may be handled by either michael@0: * escaping them, or by enclosing the entire attribute value in quotes. michael@0: * A NULL value for pEQMode implies selecting minimalEscape mode. michael@0: * Some callers will do quoting when needed, others will not. michael@0: * If a caller selects minimalEscapeAndQuote, and the string does not michael@0: * need quoting, then this function changes it to minimalEscape. michael@0: */ michael@0: static int michael@0: cert_RFC1485_GetRequiredLen(const char *src, int srclen, EQMode *pEQMode) michael@0: { michael@0: int i, reqLen=0; michael@0: EQMode mode = pEQMode ? *pEQMode : minimalEscape; michael@0: PRBool needsQuoting = PR_FALSE; michael@0: char lastC = 0; michael@0: michael@0: /* need to make an initial pass to determine if quoting is needed */ michael@0: for (i = 0; i < srclen; i++) { michael@0: char c = src[i]; michael@0: reqLen++; michael@0: if (NEEDS_HEX_ESCAPE(c)) { /* c -> \xx */ michael@0: reqLen += 2; michael@0: } else if (NEEDS_ESCAPE(c)) { /* c -> \c */ michael@0: reqLen++; michael@0: } else if (SPECIAL_CHAR(c)) { michael@0: if (mode == minimalEscapeAndQuote) /* quoting is allowed */ michael@0: needsQuoting = PR_TRUE; /* entirety will need quoting */ michael@0: else if (mode == fullEscape) michael@0: reqLen++; /* MAY escape this character */ michael@0: } else if (OPTIONAL_SPACE(c) && OPTIONAL_SPACE(lastC)) { michael@0: if (mode == minimalEscapeAndQuote) /* quoting is allowed */ michael@0: needsQuoting = PR_TRUE; /* entirety will need quoting */ michael@0: } michael@0: lastC = c; michael@0: } michael@0: /* if it begins or ends in optional space it needs quoting */ michael@0: if (!needsQuoting && srclen > 0 && mode == minimalEscapeAndQuote && michael@0: (OPTIONAL_SPACE(src[srclen-1]) || OPTIONAL_SPACE(src[0]))) { michael@0: needsQuoting = PR_TRUE; michael@0: } michael@0: michael@0: if (needsQuoting) michael@0: reqLen += 2; michael@0: if (pEQMode && mode == minimalEscapeAndQuote && !needsQuoting) michael@0: *pEQMode = minimalEscape; michael@0: return reqLen; michael@0: } michael@0: michael@0: static const char hexChars[16] = { "0123456789abcdef" }; michael@0: michael@0: static SECStatus michael@0: escapeAndQuote(char *dst, int dstlen, char *src, int srclen, EQMode *pEQMode) michael@0: { michael@0: int i, reqLen=0; michael@0: EQMode mode = pEQMode ? *pEQMode : minimalEscape; michael@0: michael@0: /* space for terminal null */ michael@0: reqLen = cert_RFC1485_GetRequiredLen(src, srclen, &mode) + 1; michael@0: if (reqLen > dstlen) { michael@0: PORT_SetError(SEC_ERROR_OUTPUT_LEN); michael@0: return SECFailure; michael@0: } michael@0: michael@0: if (mode == minimalEscapeAndQuote) michael@0: *dst++ = C_DOUBLE_QUOTE; michael@0: for (i = 0; i < srclen; i++) { michael@0: char c = src[i]; michael@0: if (NEEDS_HEX_ESCAPE(c)) { michael@0: *dst++ = C_BACKSLASH; michael@0: *dst++ = hexChars[ (c >> 4) & 0x0f ]; michael@0: *dst++ = hexChars[ c & 0x0f ]; michael@0: } else { michael@0: if (NEEDS_ESCAPE(c) || (SPECIAL_CHAR(c) && mode == fullEscape)) { michael@0: *dst++ = C_BACKSLASH; michael@0: } michael@0: *dst++ = c; michael@0: } michael@0: } michael@0: if (mode == minimalEscapeAndQuote) michael@0: *dst++ = C_DOUBLE_QUOTE; michael@0: *dst++ = 0; michael@0: if (pEQMode) michael@0: *pEQMode = mode; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: SECStatus michael@0: CERT_RFC1485_EscapeAndQuote(char *dst, int dstlen, char *src, int srclen) michael@0: { michael@0: EQMode mode = minimalEscapeAndQuote; michael@0: return escapeAndQuote(dst, dstlen, src, srclen, &mode); michael@0: } michael@0: michael@0: michael@0: /* convert an OID to dotted-decimal representation */ michael@0: /* Returns a string that must be freed with PR_smprintf_free(), */ michael@0: char * michael@0: CERT_GetOidString(const SECItem *oid) michael@0: { michael@0: PRUint8 *stop; /* points to first byte after OID string */ michael@0: PRUint8 *first; /* byte of an OID component integer */ michael@0: PRUint8 *last; /* byte of an OID component integer */ michael@0: char *rvString = NULL; michael@0: char *prefix = NULL; michael@0: michael@0: #define MAX_OID_LEN 1024 /* bytes */ michael@0: michael@0: if (oid->len > MAX_OID_LEN) { michael@0: PORT_SetError(SEC_ERROR_INPUT_LEN); michael@0: return NULL; michael@0: } michael@0: michael@0: /* first will point to the next sequence of bytes to decode */ michael@0: first = (PRUint8 *)oid->data; michael@0: /* stop points to one past the legitimate data */ michael@0: stop = &first[ oid->len ]; michael@0: michael@0: /* michael@0: * Check for our pseudo-encoded single-digit OIDs michael@0: */ michael@0: if ((*first == 0x80) && (2 == oid->len)) { michael@0: /* Funky encoding. The second byte is the number */ michael@0: rvString = PR_smprintf("%lu", (PRUint32)first[1]); michael@0: if (!rvString) { michael@0: PORT_SetError(SEC_ERROR_NO_MEMORY); michael@0: } michael@0: return rvString; michael@0: } michael@0: michael@0: for (; first < stop; first = last + 1) { michael@0: unsigned int bytesBeforeLast; michael@0: michael@0: for (last = first; last < stop; last++) { michael@0: if (0 == (*last & 0x80)) { michael@0: break; michael@0: } michael@0: } michael@0: bytesBeforeLast = (unsigned int)(last - first); michael@0: if (bytesBeforeLast <= 3U) { /* 0-28 bit number */ michael@0: PRUint32 n = 0; michael@0: PRUint32 c; michael@0: michael@0: #define CGET(i, m) \ michael@0: c = last[-i] & m; \ michael@0: n |= c << (7 * i) michael@0: michael@0: #define CASE(i, m) \ michael@0: case i: \ michael@0: CGET(i, m); \ michael@0: if (!n) goto unsupported \ michael@0: /* fall-through */ michael@0: michael@0: switch (bytesBeforeLast) { michael@0: CASE(3, 0x7f); michael@0: CASE(2, 0x7f); michael@0: CASE(1, 0x7f); michael@0: case 0: n |= last[0] & 0x7f; michael@0: break; michael@0: } michael@0: if (last[0] & 0x80) michael@0: goto unsupported; michael@0: michael@0: if (!rvString) { michael@0: /* This is the first number.. decompose it */ michael@0: PRUint32 one = PR_MIN(n/40, 2); /* never > 2 */ michael@0: PRUint32 two = n - (one * 40); michael@0: michael@0: rvString = PR_smprintf("OID.%lu.%lu", one, two); michael@0: } else { michael@0: prefix = rvString; michael@0: rvString = PR_smprintf("%s.%lu", prefix, n); michael@0: } michael@0: } else if (bytesBeforeLast <= 9U) { /* 29-64 bit number */ michael@0: PRUint64 n = 0; michael@0: PRUint64 c; michael@0: michael@0: switch (bytesBeforeLast) { michael@0: CASE(9, 0x01); michael@0: CASE(8, 0x7f); michael@0: CASE(7, 0x7f); michael@0: CASE(6, 0x7f); michael@0: CASE(5, 0x7f); michael@0: CASE(4, 0x7f); michael@0: CGET(3, 0x7f); michael@0: CGET(2, 0x7f); michael@0: CGET(1, 0x7f); michael@0: CGET(0, 0x7f); michael@0: break; michael@0: } michael@0: if (last[0] & 0x80) michael@0: goto unsupported; michael@0: michael@0: if (!rvString) { michael@0: /* This is the first number.. decompose it */ michael@0: PRUint64 one = PR_MIN(n/40, 2); /* never > 2 */ michael@0: PRUint64 two = n - (one * 40); michael@0: michael@0: rvString = PR_smprintf("OID.%llu.%llu", one, two); michael@0: } else { michael@0: prefix = rvString; michael@0: rvString = PR_smprintf("%s.%llu", prefix, n); michael@0: } michael@0: } else { michael@0: /* More than a 64-bit number, or not minimal encoding. */ michael@0: unsupported: michael@0: if (!rvString) michael@0: rvString = PR_smprintf("OID.UNSUPPORTED"); michael@0: else { michael@0: prefix = rvString; michael@0: rvString = PR_smprintf("%s.UNSUPPORTED", prefix); michael@0: } michael@0: } michael@0: michael@0: if (prefix) { michael@0: PR_smprintf_free(prefix); michael@0: prefix = NULL; michael@0: } michael@0: if (!rvString) { michael@0: PORT_SetError(SEC_ERROR_NO_MEMORY); michael@0: break; michael@0: } michael@0: } michael@0: return rvString; michael@0: } michael@0: michael@0: /* convert DER-encoded hex to a string */ michael@0: static SECItem * michael@0: get_hex_string(SECItem *data) michael@0: { michael@0: SECItem *rv; michael@0: unsigned int i, j; michael@0: static const char hex[] = { "0123456789ABCDEF" }; michael@0: michael@0: /* '#' + 2 chars per octet + terminator */ michael@0: rv = SECITEM_AllocItem(NULL, NULL, data->len*2 + 2); michael@0: if (!rv) { michael@0: return NULL; michael@0: } michael@0: rv->data[0] = '#'; michael@0: rv->len = 1 + 2 * data->len; michael@0: for (i=0; ilen; i++) { michael@0: j = data->data[i]; michael@0: rv->data[2*i+1] = hex[j >> 4]; michael@0: rv->data[2*i+2] = hex[j & 15]; michael@0: } michael@0: rv->data[rv->len] = 0; michael@0: return rv; michael@0: } michael@0: michael@0: /* For compliance with RFC 2253, RFC 3280 and RFC 4630, we choose to michael@0: * use the NAME=STRING form, rather than the OID.N.N=#hexXXXX form, michael@0: * when both of these conditions are met: michael@0: * 1) The attribute name OID (kind) has a known name string that is michael@0: * defined in one of those RFCs, or in RFCs that they cite, AND michael@0: * 2) The attribute's value encoding is RFC compliant for the kind michael@0: * (e.g., the value's encoding tag is correct for the kind, and michael@0: * the value's length is in the range allowed for the kind, and michael@0: * the value's contents are appropriate for the encoding tag). michael@0: * Otherwise, we use the OID.N.N=#hexXXXX form. michael@0: * michael@0: * If the caller prefers maximum human readability to RFC compliance, michael@0: * then michael@0: * - We print the kind in NAME= string form if we know the name michael@0: * string for the attribute type OID, regardless of whether the michael@0: * value is correctly encoded or not. else we use the OID.N.N= form. michael@0: * - We use the non-hex STRING form for the attribute value if the michael@0: * value can be represented in such a form. Otherwise, we use michael@0: * the hex string form. michael@0: * This implies that, for maximum human readability, in addition to michael@0: * the two forms allowed by the RFC, we allow two other forms of output: michael@0: * - the OID.N.N=STRING form, and michael@0: * - the NAME=#hexXXXX form michael@0: * When the caller prefers maximum human readability, we do not allow michael@0: * the value of any attribute to exceed the length allowed by the RFC. michael@0: * If the attribute value exceeds the allowed length, we truncate it to michael@0: * the allowed length and append "...". michael@0: * Also in this case, we arbitrarily impose a limit on the length of the michael@0: * entire AVA encoding, regardless of the form, of 384 bytes per AVA. michael@0: * This limit includes the trailing NULL character. If the encoded michael@0: * AVA length exceeds that limit, this function reports failure to encode michael@0: * the AVA. michael@0: * michael@0: * An ASCII representation of an AVA is said to be "invertible" if michael@0: * conversion back to DER reproduces the original DER encoding exactly. michael@0: * The RFC 2253 rules do not ensure that all ASCII AVAs derived according michael@0: * to its rules are invertible. That is because the RFCs allow some michael@0: * attribute values to be encoded in any of a number of encodings, michael@0: * and the encoding type information is lost in the non-hex STRING form. michael@0: * This is particularly true of attributes of type DirectoryString. michael@0: * The encoding type information is always preserved in the hex string michael@0: * form, because the hex includes the entire DER encoding of the value. michael@0: * michael@0: * So, when the caller perfers maximum invertibility, we apply the michael@0: * RFC compliance rules stated above, and add a third required michael@0: * condition on the use of the NAME=STRING form. michael@0: * 3) The attribute's kind is not is allowed to be encoded in any of michael@0: * several different encodings, such as DirectoryStrings. michael@0: * michael@0: * The chief difference between CERT_N2A_STRICT and CERT_N2A_INVERTIBLE michael@0: * is that the latter forces DirectoryStrings to be hex encoded. michael@0: * michael@0: * As a simplification, we assume the value is correctly encoded for michael@0: * its encoding type. That is, we do not test that all the characters michael@0: * in a string encoded type are allowed by that type. We assume it. michael@0: */ michael@0: static SECStatus michael@0: AppendAVA(stringBuf *bufp, CERTAVA *ava, CertStrictnessLevel strict) michael@0: { michael@0: #define TMPBUF_LEN 2048 michael@0: const NameToKind *pn2k = name2kinds; michael@0: SECItem *avaValue = NULL; michael@0: char *unknownTag = NULL; michael@0: char *encodedAVA = NULL; michael@0: PRBool useHex = PR_FALSE; /* use =#hexXXXX form */ michael@0: PRBool truncateName = PR_FALSE; michael@0: PRBool truncateValue = PR_FALSE; michael@0: SECOidTag endKind; michael@0: SECStatus rv; michael@0: unsigned int len; michael@0: unsigned int nameLen, valueLen; michael@0: unsigned int maxName, maxValue; michael@0: EQMode mode = minimalEscapeAndQuote; michael@0: NameToKind n2k = { NULL, 32767, SEC_OID_UNKNOWN, SEC_ASN1_DS }; michael@0: char tmpBuf[TMPBUF_LEN]; michael@0: michael@0: #define tagName n2k.name /* non-NULL means use NAME= form */ michael@0: #define maxBytes n2k.maxLen michael@0: #define tag n2k.kind michael@0: #define vt n2k.valueType michael@0: michael@0: /* READABLE mode recognizes more names from the name2kinds table michael@0: * than do STRICT or INVERTIBLE modes. This assignment chooses the michael@0: * point in the table where the attribute type name scanning stops. michael@0: */ michael@0: endKind = (strict == CERT_N2A_READABLE) ? SEC_OID_UNKNOWN michael@0: : SEC_OID_AVA_POSTAL_ADDRESS; michael@0: tag = CERT_GetAVATag(ava); michael@0: while (pn2k->kind != tag && pn2k->kind != endKind) { michael@0: ++pn2k; michael@0: } michael@0: michael@0: if (pn2k->kind != endKind ) { michael@0: n2k = *pn2k; michael@0: } else if (strict != CERT_N2A_READABLE) { michael@0: useHex = PR_TRUE; michael@0: } michael@0: /* For invertable form, force Directory Strings to use hex form. */ michael@0: if (strict == CERT_N2A_INVERTIBLE && vt == SEC_ASN1_DS) { michael@0: tagName = NULL; /* must use OID.N form */ michael@0: useHex = PR_TRUE; /* must use hex string */ michael@0: } michael@0: if (!useHex) { michael@0: avaValue = CERT_DecodeAVAValue(&ava->value); michael@0: if (!avaValue) { michael@0: useHex = PR_TRUE; michael@0: if (strict != CERT_N2A_READABLE) { michael@0: tagName = NULL; /* must use OID.N form */ michael@0: } michael@0: } michael@0: } michael@0: if (!tagName) { michael@0: /* handle unknown attribute types per RFC 2253 */ michael@0: tagName = unknownTag = CERT_GetOidString(&ava->type); michael@0: if (!tagName) { michael@0: if (avaValue) michael@0: SECITEM_FreeItem(avaValue, PR_TRUE); michael@0: return SECFailure; michael@0: } michael@0: } michael@0: if (useHex) { michael@0: avaValue = get_hex_string(&ava->value); michael@0: if (!avaValue) { michael@0: if (unknownTag) michael@0: PR_smprintf_free(unknownTag); michael@0: return SECFailure; michael@0: } michael@0: } michael@0: michael@0: nameLen = strlen(tagName); michael@0: valueLen = (useHex ? avaValue->len : michael@0: cert_RFC1485_GetRequiredLen((char *)avaValue->data, avaValue->len, michael@0: &mode)); michael@0: len = nameLen + valueLen + 2; /* Add 2 for '=' and trailing NUL */ michael@0: michael@0: maxName = nameLen; michael@0: maxValue = valueLen; michael@0: if (len <= sizeof(tmpBuf)) { michael@0: encodedAVA = tmpBuf; michael@0: } else if (strict != CERT_N2A_READABLE) { michael@0: encodedAVA = PORT_Alloc(len); michael@0: if (!encodedAVA) { michael@0: SECITEM_FreeItem(avaValue, PR_TRUE); michael@0: if (unknownTag) michael@0: PR_smprintf_free(unknownTag); michael@0: return SECFailure; michael@0: } michael@0: } else { michael@0: /* Must make output fit in tmpbuf */ michael@0: unsigned int fair = (sizeof tmpBuf)/2 - 1; /* for = and \0 */ michael@0: michael@0: if (nameLen < fair) { michael@0: /* just truncate the value */ michael@0: maxValue = (sizeof tmpBuf) - (nameLen + 6); /* for "=...\0", michael@0: and possibly '"' */ michael@0: } else if (valueLen < fair) { michael@0: /* just truncate the name */ michael@0: maxName = (sizeof tmpBuf) - (valueLen + 5); /* for "=...\0" */ michael@0: } else { michael@0: /* truncate both */ michael@0: maxName = maxValue = fair - 3; /* for "..." */ michael@0: } michael@0: if (nameLen > maxName) { michael@0: PORT_Assert(unknownTag && unknownTag == tagName); michael@0: truncateName = PR_TRUE; michael@0: nameLen = maxName; michael@0: } michael@0: encodedAVA = tmpBuf; michael@0: } michael@0: michael@0: memcpy(encodedAVA, tagName, nameLen); michael@0: if (truncateName) { michael@0: /* If tag name is too long, we know it is an OID form that was michael@0: * allocated from the heap, so we can modify it in place michael@0: */ michael@0: encodedAVA[nameLen-1] = '.'; michael@0: encodedAVA[nameLen-2] = '.'; michael@0: encodedAVA[nameLen-3] = '.'; michael@0: } michael@0: encodedAVA[nameLen++] = '='; michael@0: if (unknownTag) michael@0: PR_smprintf_free(unknownTag); michael@0: michael@0: if (strict == CERT_N2A_READABLE && maxValue > maxBytes) michael@0: maxValue = maxBytes; michael@0: if (valueLen > maxValue) { michael@0: valueLen = maxValue; michael@0: truncateValue = PR_TRUE; michael@0: } michael@0: /* escape and quote as necessary - don't quote hex strings */ michael@0: if (useHex) { michael@0: char * end = encodedAVA + nameLen + valueLen; michael@0: memcpy(encodedAVA + nameLen, (char *)avaValue->data, valueLen); michael@0: end[0] = '\0'; michael@0: if (truncateValue) { michael@0: end[-1] = '.'; michael@0: end[-2] = '.'; michael@0: end[-3] = '.'; michael@0: } michael@0: rv = SECSuccess; michael@0: } else if (!truncateValue) { michael@0: rv = escapeAndQuote(encodedAVA + nameLen, len - nameLen, michael@0: (char *)avaValue->data, avaValue->len, &mode); michael@0: } else { michael@0: /* must truncate the escaped and quoted value */ michael@0: char bigTmpBuf[TMPBUF_LEN * 3 + 3]; michael@0: PORT_Assert(valueLen < sizeof tmpBuf); michael@0: rv = escapeAndQuote(bigTmpBuf, sizeof bigTmpBuf, michael@0: (char *)avaValue->data, michael@0: PR_MIN(avaValue->len, valueLen), &mode); michael@0: michael@0: bigTmpBuf[valueLen--] = '\0'; /* hard stop here */ michael@0: /* See if we're in the middle of a multi-byte UTF8 character */ michael@0: while (((bigTmpBuf[valueLen] & 0xc0) == 0x80) && valueLen > 0) { michael@0: bigTmpBuf[valueLen--] = '\0'; michael@0: } michael@0: /* add ellipsis to signify truncation. */ michael@0: bigTmpBuf[++valueLen] = '.'; michael@0: bigTmpBuf[++valueLen] = '.'; michael@0: bigTmpBuf[++valueLen] = '.'; michael@0: if (bigTmpBuf[0] == '"') michael@0: bigTmpBuf[++valueLen] = '"'; michael@0: bigTmpBuf[++valueLen] = '\0'; michael@0: PORT_Assert(nameLen + valueLen <= (sizeof tmpBuf) - 1); michael@0: memcpy(encodedAVA + nameLen, bigTmpBuf, valueLen+1); michael@0: } michael@0: michael@0: SECITEM_FreeItem(avaValue, PR_TRUE); michael@0: if (rv == SECSuccess) michael@0: rv = AppendStr(bufp, encodedAVA); michael@0: if (encodedAVA != tmpBuf) michael@0: PORT_Free(encodedAVA); michael@0: return rv; michael@0: } michael@0: michael@0: #undef tagName michael@0: #undef maxBytes michael@0: #undef tag michael@0: #undef vt michael@0: michael@0: char * michael@0: CERT_NameToAsciiInvertible(CERTName *name, CertStrictnessLevel strict) michael@0: { michael@0: CERTRDN** rdns; michael@0: CERTRDN** lastRdn; michael@0: CERTRDN** rdn; michael@0: PRBool first = PR_TRUE; michael@0: stringBuf strBuf = { NULL, 0, 0 }; michael@0: michael@0: rdns = name->rdns; michael@0: if (rdns == NULL) { michael@0: return NULL; michael@0: } michael@0: michael@0: /* find last RDN */ michael@0: lastRdn = rdns; michael@0: while (*lastRdn) lastRdn++; michael@0: lastRdn--; michael@0: michael@0: /* michael@0: * Loop over name contents in _reverse_ RDN order appending to string michael@0: */ michael@0: for (rdn = lastRdn; rdn >= rdns; rdn--) { michael@0: CERTAVA** avas = (*rdn)->avas; michael@0: CERTAVA* ava; michael@0: PRBool newRDN = PR_TRUE; michael@0: michael@0: /* michael@0: * XXX Do we need to traverse the AVAs in reverse order, too? michael@0: */ michael@0: while (avas && (ava = *avas++) != NULL) { michael@0: SECStatus rv; michael@0: /* Put in comma or plus separator */ michael@0: if (!first) { michael@0: /* Use of spaces is deprecated in RFC 2253. */ michael@0: rv = AppendStr(&strBuf, newRDN ? "," : "+"); michael@0: if (rv) goto loser; michael@0: } else { michael@0: first = PR_FALSE; michael@0: } michael@0: michael@0: /* Add in tag type plus value into strBuf */ michael@0: rv = AppendAVA(&strBuf, ava, strict); michael@0: if (rv) goto loser; michael@0: newRDN = PR_FALSE; michael@0: } michael@0: } michael@0: return strBuf.buffer; michael@0: loser: michael@0: if (strBuf.buffer) { michael@0: PORT_Free(strBuf.buffer); michael@0: } michael@0: return NULL; michael@0: } michael@0: michael@0: char * michael@0: CERT_NameToAscii(CERTName *name) michael@0: { michael@0: return CERT_NameToAsciiInvertible(name, CERT_N2A_READABLE); michael@0: } michael@0: michael@0: /* michael@0: * Return the string representation of a DER encoded distinguished name michael@0: * "dername" - The DER encoded name to convert michael@0: */ michael@0: char * michael@0: CERT_DerNameToAscii(SECItem *dername) michael@0: { michael@0: int rv; michael@0: PLArenaPool *arena = NULL; michael@0: CERTName name; michael@0: char *retstr = NULL; michael@0: michael@0: arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); michael@0: michael@0: if ( arena == NULL) { michael@0: goto loser; michael@0: } michael@0: michael@0: rv = SEC_QuickDERDecodeItem(arena, &name, CERT_NameTemplate, dername); michael@0: michael@0: if ( rv != SECSuccess ) { michael@0: goto loser; michael@0: } michael@0: michael@0: retstr = CERT_NameToAscii(&name); michael@0: michael@0: loser: michael@0: if ( arena != NULL ) { michael@0: PORT_FreeArena(arena, PR_FALSE); michael@0: } michael@0: michael@0: return(retstr); michael@0: } michael@0: michael@0: static char * michael@0: avaToString(PLArenaPool *arena, CERTAVA *ava) michael@0: { michael@0: char * buf = NULL; michael@0: SECItem* avaValue; michael@0: int valueLen; michael@0: michael@0: avaValue = CERT_DecodeAVAValue(&ava->value); michael@0: if(!avaValue) { michael@0: return buf; michael@0: } michael@0: valueLen = cert_RFC1485_GetRequiredLen((char *)avaValue->data, michael@0: avaValue->len, NULL) + 1; michael@0: if (arena) { michael@0: buf = (char *)PORT_ArenaZAlloc(arena, valueLen); michael@0: } else { michael@0: buf = (char *)PORT_ZAlloc(valueLen); michael@0: } michael@0: if (buf) { michael@0: SECStatus rv = escapeAndQuote(buf, valueLen, (char *)avaValue->data, michael@0: avaValue->len, NULL); michael@0: if (rv != SECSuccess) { michael@0: if (!arena) michael@0: PORT_Free(buf); michael@0: buf = NULL; michael@0: } michael@0: } michael@0: SECITEM_FreeItem(avaValue, PR_TRUE); michael@0: return buf; michael@0: } michael@0: michael@0: /* RDNs are sorted from most general to most specific. michael@0: * This code returns the FIRST one found, the most general one found. michael@0: */ michael@0: static char * michael@0: CERT_GetNameElement(PLArenaPool *arena, const CERTName *name, int wantedTag) michael@0: { michael@0: CERTRDN** rdns = name->rdns; michael@0: CERTRDN* rdn; michael@0: CERTAVA* ava = NULL; michael@0: michael@0: while (rdns && (rdn = *rdns++) != 0) { michael@0: CERTAVA** avas = rdn->avas; michael@0: while (avas && (ava = *avas++) != 0) { michael@0: int tag = CERT_GetAVATag(ava); michael@0: if ( tag == wantedTag ) { michael@0: avas = NULL; michael@0: rdns = NULL; /* break out of all loops */ michael@0: } michael@0: } michael@0: } michael@0: return ava ? avaToString(arena, ava) : NULL; michael@0: } michael@0: michael@0: /* RDNs are sorted from most general to most specific. michael@0: * This code returns the LAST one found, the most specific one found. michael@0: * This is particularly appropriate for Common Name. See RFC 2818. michael@0: */ michael@0: static char * michael@0: CERT_GetLastNameElement(PLArenaPool *arena, const CERTName *name, int wantedTag) michael@0: { michael@0: CERTRDN** rdns = name->rdns; michael@0: CERTRDN* rdn; michael@0: CERTAVA* lastAva = NULL; michael@0: michael@0: while (rdns && (rdn = *rdns++) != 0) { michael@0: CERTAVA** avas = rdn->avas; michael@0: CERTAVA* ava; michael@0: while (avas && (ava = *avas++) != 0) { michael@0: int tag = CERT_GetAVATag(ava); michael@0: if ( tag == wantedTag ) { michael@0: lastAva = ava; michael@0: } michael@0: } michael@0: } michael@0: return lastAva ? avaToString(arena, lastAva) : NULL; michael@0: } michael@0: michael@0: char * michael@0: CERT_GetCertificateEmailAddress(CERTCertificate *cert) michael@0: { michael@0: char *rawEmailAddr = NULL; michael@0: SECItem subAltName; michael@0: SECStatus rv; michael@0: CERTGeneralName *nameList = NULL; michael@0: CERTGeneralName *current; michael@0: PLArenaPool *arena = NULL; michael@0: int i; michael@0: michael@0: subAltName.data = NULL; michael@0: michael@0: rawEmailAddr = CERT_GetNameElement(cert->arena, &(cert->subject), michael@0: SEC_OID_PKCS9_EMAIL_ADDRESS); michael@0: if ( rawEmailAddr == NULL ) { michael@0: rawEmailAddr = CERT_GetNameElement(cert->arena, &(cert->subject), michael@0: SEC_OID_RFC1274_MAIL); michael@0: } michael@0: if ( rawEmailAddr == NULL) { michael@0: michael@0: rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME, michael@0: &subAltName); michael@0: if (rv != SECSuccess) { michael@0: goto finish; michael@0: } michael@0: arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); michael@0: if (!arena) { michael@0: goto finish; michael@0: } michael@0: nameList = current = CERT_DecodeAltNameExtension(arena, &subAltName); michael@0: if (!nameList ) { michael@0: goto finish; michael@0: } michael@0: if (nameList != NULL) { michael@0: do { michael@0: if (current->type == certDirectoryName) { michael@0: rawEmailAddr = CERT_GetNameElement(cert->arena, michael@0: &(current->name.directoryName), michael@0: SEC_OID_PKCS9_EMAIL_ADDRESS); michael@0: if ( rawEmailAddr == NULL ) { michael@0: rawEmailAddr = CERT_GetNameElement(cert->arena, michael@0: &(current->name.directoryName), SEC_OID_RFC1274_MAIL); michael@0: } michael@0: } else if (current->type == certRFC822Name) { michael@0: rawEmailAddr = (char*)PORT_ArenaZAlloc(cert->arena, michael@0: current->name.other.len + 1); michael@0: if (!rawEmailAddr) { michael@0: goto finish; michael@0: } michael@0: PORT_Memcpy(rawEmailAddr, current->name.other.data, michael@0: current->name.other.len); michael@0: rawEmailAddr[current->name.other.len] = '\0'; michael@0: } michael@0: if (rawEmailAddr) { michael@0: break; michael@0: } michael@0: current = CERT_GetNextGeneralName(current); michael@0: } while (current != nameList); michael@0: } michael@0: } michael@0: if (rawEmailAddr) { michael@0: for (i = 0; i <= (int) PORT_Strlen(rawEmailAddr); i++) { michael@0: rawEmailAddr[i] = tolower(rawEmailAddr[i]); michael@0: } michael@0: } michael@0: michael@0: finish: michael@0: michael@0: /* Don't free nameList, it's part of the arena. */ michael@0: michael@0: if (arena) { michael@0: PORT_FreeArena(arena, PR_FALSE); michael@0: } michael@0: michael@0: if ( subAltName.data ) { michael@0: SECITEM_FreeItem(&subAltName, PR_FALSE); michael@0: } michael@0: michael@0: return(rawEmailAddr); michael@0: } michael@0: michael@0: static char * michael@0: appendStringToBuf(char *dest, char *src, PRUint32 *pRemaining) michael@0: { michael@0: PRUint32 len; michael@0: if (dest && src && src[0] && *pRemaining > (len = PL_strlen(src))) { michael@0: PRUint32 i; michael@0: for (i = 0; i < len; ++i) michael@0: dest[i] = tolower(src[i]); michael@0: dest[len] = 0; michael@0: dest += len + 1; michael@0: *pRemaining -= len + 1; michael@0: } michael@0: return dest; michael@0: } michael@0: michael@0: #undef NEEDS_HEX_ESCAPE michael@0: #define NEEDS_HEX_ESCAPE(c) (c < 0x20) michael@0: michael@0: static char * michael@0: appendItemToBuf(char *dest, SECItem *src, PRUint32 *pRemaining) michael@0: { michael@0: if (dest && src && src->data && src->len && src->data[0]) { michael@0: PRUint32 len = src->len; michael@0: PRUint32 i; michael@0: PRUint32 reqLen = len + 1; michael@0: /* are there any embedded control characters ? */ michael@0: for (i = 0; i < len; i++) { michael@0: if (NEEDS_HEX_ESCAPE(src->data[i])) michael@0: reqLen += 2; michael@0: } michael@0: if (*pRemaining > reqLen) { michael@0: for (i = 0; i < len; ++i) { michael@0: PRUint8 c = src->data[i]; michael@0: if (NEEDS_HEX_ESCAPE(c)) { michael@0: *dest++ = C_BACKSLASH; michael@0: *dest++ = hexChars[ (c >> 4) & 0x0f ]; michael@0: *dest++ = hexChars[ c & 0x0f ]; michael@0: } else { michael@0: *dest++ = tolower(c); michael@0: } michael@0: } michael@0: *dest++ = '\0'; michael@0: *pRemaining -= reqLen; michael@0: } michael@0: } michael@0: return dest; michael@0: } michael@0: michael@0: /* Returns a pointer to an environment-like string, a series of michael@0: ** null-terminated strings, terminated by a zero-length string. michael@0: ** This function is intended to be internal to NSS. michael@0: */ michael@0: char * michael@0: cert_GetCertificateEmailAddresses(CERTCertificate *cert) michael@0: { michael@0: char * rawEmailAddr = NULL; michael@0: char * addrBuf = NULL; michael@0: char * pBuf = NULL; michael@0: PLArenaPool * tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); michael@0: PRUint32 maxLen = 0; michael@0: PRInt32 finalLen = 0; michael@0: SECStatus rv; michael@0: SECItem subAltName; michael@0: michael@0: if (!tmpArena) michael@0: return addrBuf; michael@0: michael@0: subAltName.data = NULL; michael@0: maxLen = cert->derCert.len; michael@0: PORT_Assert(maxLen); michael@0: if (!maxLen) michael@0: maxLen = 2000; /* a guess, should never happen */ michael@0: michael@0: pBuf = addrBuf = (char *)PORT_ArenaZAlloc(tmpArena, maxLen + 1); michael@0: if (!addrBuf) michael@0: goto loser; michael@0: michael@0: rawEmailAddr = CERT_GetNameElement(tmpArena, &cert->subject, michael@0: SEC_OID_PKCS9_EMAIL_ADDRESS); michael@0: pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen); michael@0: michael@0: rawEmailAddr = CERT_GetNameElement(tmpArena, &cert->subject, michael@0: SEC_OID_RFC1274_MAIL); michael@0: pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen); michael@0: michael@0: rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME, michael@0: &subAltName); michael@0: if (rv == SECSuccess && subAltName.data) { michael@0: CERTGeneralName *nameList = NULL; michael@0: michael@0: if (!!(nameList = CERT_DecodeAltNameExtension(tmpArena, &subAltName))) { michael@0: CERTGeneralName *current = nameList; michael@0: do { michael@0: if (current->type == certDirectoryName) { michael@0: rawEmailAddr = CERT_GetNameElement(tmpArena, michael@0: ¤t->name.directoryName, michael@0: SEC_OID_PKCS9_EMAIL_ADDRESS); michael@0: pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen); michael@0: michael@0: rawEmailAddr = CERT_GetNameElement(tmpArena, michael@0: ¤t->name.directoryName, michael@0: SEC_OID_RFC1274_MAIL); michael@0: pBuf = appendStringToBuf(pBuf, rawEmailAddr, &maxLen); michael@0: } else if (current->type == certRFC822Name) { michael@0: pBuf = appendItemToBuf(pBuf, ¤t->name.other, &maxLen); michael@0: } michael@0: current = CERT_GetNextGeneralName(current); michael@0: } while (current != nameList); michael@0: } michael@0: SECITEM_FreeItem(&subAltName, PR_FALSE); michael@0: /* Don't free nameList, it's part of the tmpArena. */ michael@0: } michael@0: /* now copy superstring to cert's arena */ michael@0: finalLen = (pBuf - addrBuf) + 1; michael@0: pBuf = NULL; michael@0: if (finalLen > 1) { michael@0: pBuf = PORT_ArenaAlloc(cert->arena, finalLen); michael@0: if (pBuf) { michael@0: PORT_Memcpy(pBuf, addrBuf, finalLen); michael@0: } michael@0: } michael@0: loser: michael@0: if (tmpArena) michael@0: PORT_FreeArena(tmpArena, PR_FALSE); michael@0: michael@0: return pBuf; michael@0: } michael@0: michael@0: /* returns pointer to storage in cert's arena. Storage remains valid michael@0: ** as long as cert's reference count doesn't go to zero. michael@0: ** Caller should strdup or otherwise copy. michael@0: */ michael@0: const char * /* const so caller won't muck with it. */ michael@0: CERT_GetFirstEmailAddress(CERTCertificate * cert) michael@0: { michael@0: if (cert && cert->emailAddr && cert->emailAddr[0]) michael@0: return (const char *)cert->emailAddr; michael@0: return NULL; michael@0: } michael@0: michael@0: /* returns pointer to storage in cert's arena. Storage remains valid michael@0: ** as long as cert's reference count doesn't go to zero. michael@0: ** Caller should strdup or otherwise copy. michael@0: */ michael@0: const char * /* const so caller won't muck with it. */ michael@0: CERT_GetNextEmailAddress(CERTCertificate * cert, const char * prev) michael@0: { michael@0: if (cert && prev && prev[0]) { michael@0: PRUint32 len = PL_strlen(prev); michael@0: prev += len + 1; michael@0: if (prev && prev[0]) michael@0: return prev; michael@0: } michael@0: return NULL; michael@0: } michael@0: michael@0: /* This is seriously bogus, now that certs store their email addresses in michael@0: ** subject Alternative Name extensions. michael@0: ** Returns a string allocated by PORT_StrDup, which the caller must free. michael@0: */ michael@0: char * michael@0: CERT_GetCertEmailAddress(const CERTName *name) michael@0: { michael@0: char *rawEmailAddr; michael@0: char *emailAddr; michael@0: michael@0: michael@0: rawEmailAddr = CERT_GetNameElement(NULL, name, SEC_OID_PKCS9_EMAIL_ADDRESS); michael@0: if ( rawEmailAddr == NULL ) { michael@0: rawEmailAddr = CERT_GetNameElement(NULL, name, SEC_OID_RFC1274_MAIL); michael@0: } michael@0: emailAddr = CERT_FixupEmailAddr(rawEmailAddr); michael@0: if ( rawEmailAddr ) { michael@0: PORT_Free(rawEmailAddr); michael@0: } michael@0: return(emailAddr); michael@0: } michael@0: michael@0: /* The return value must be freed with PORT_Free. */ michael@0: char * michael@0: CERT_GetCommonName(const CERTName *name) michael@0: { michael@0: return(CERT_GetLastNameElement(NULL, name, SEC_OID_AVA_COMMON_NAME)); michael@0: } michael@0: michael@0: char * michael@0: CERT_GetCountryName(const CERTName *name) michael@0: { michael@0: return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_COUNTRY_NAME)); michael@0: } michael@0: michael@0: char * michael@0: CERT_GetLocalityName(const CERTName *name) michael@0: { michael@0: return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_LOCALITY)); michael@0: } michael@0: michael@0: char * michael@0: CERT_GetStateName(const CERTName *name) michael@0: { michael@0: return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_STATE_OR_PROVINCE)); michael@0: } michael@0: michael@0: char * michael@0: CERT_GetOrgName(const CERTName *name) michael@0: { michael@0: return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_ORGANIZATION_NAME)); michael@0: } michael@0: michael@0: char * michael@0: CERT_GetDomainComponentName(const CERTName *name) michael@0: { michael@0: return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_DC)); michael@0: } michael@0: michael@0: char * michael@0: CERT_GetOrgUnitName(const CERTName *name) michael@0: { michael@0: return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME)); michael@0: } michael@0: michael@0: char * michael@0: CERT_GetDnQualifier(const CERTName *name) michael@0: { michael@0: return(CERT_GetNameElement(NULL, name, SEC_OID_AVA_DN_QUALIFIER)); michael@0: } michael@0: michael@0: char * michael@0: CERT_GetCertUid(const CERTName *name) michael@0: { michael@0: return(CERT_GetNameElement(NULL, name, SEC_OID_RFC1274_UID)); michael@0: } michael@0: