LCOV - code coverage report
Current view: top level - src - dn.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 334 672 49.7 %
Date: 2016-11-29 14:53:22 Functions: 19 23 82.6 %

          Line data    Source code
       1             : /* dn.c - Distinguished Name helper functions
       2             :  * Copyright (C) 2001, 2006, 2012 g10 Code GmbH
       3             :  *
       4             :  * This file is part of KSBA.
       5             :  *
       6             :  * KSBA is free software; you can redistribute it and/or modify
       7             :  * it under the terms of either
       8             :  *
       9             :  *   - the GNU Lesser General Public License as published by the Free
      10             :  *     Software Foundation; either version 3 of the License, or (at
      11             :  *     your option) any later version.
      12             :  *
      13             :  * or
      14             :  *
      15             :  *   - the GNU General Public License as published by the Free
      16             :  *     Software Foundation; either version 2 of the License, or (at
      17             :  *     your option) any later version.
      18             :  *
      19             :  * or both in parallel, as here.
      20             :  *
      21             :  * KSBA is distributed in the hope that it will be useful, but WITHOUT
      22             :  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
      23             :  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
      24             :  * License for more details.
      25             :  *
      26             :  * You should have received a copies of the GNU General Public License
      27             :  * and the GNU Lesser General Public License along with this program;
      28             :  * if not, see <http://www.gnu.org/licenses/>.
      29             :  */
      30             : 
      31             : /* Reference is RFC-2253 */
      32             : 
      33             : #include <config.h>
      34             : #include <stdio.h>
      35             : #include <stdlib.h>
      36             : #include <string.h>
      37             : #include <assert.h>
      38             : 
      39             : #include "util.h"
      40             : #include "asn1-func.h"
      41             : #include "ber-help.h"
      42             : #include "ber-decoder.h"
      43             : 
      44             : static const struct {
      45             :   const char *name;
      46             :   int source; /* 0 = unknown
      47             :                  1 = rfc2253
      48             :                  2 = David Chadwick, July 2003
      49             :                  <draft-ietf-pkix-dnstrings-02.txt>
      50             :                  3 = Peter Gutmann
      51             :               */
      52             :   const char *description;
      53             :   size_t      oidlen;
      54             :   const unsigned char *oid;  /* DER encoded OID.  */
      55             :   const char *oidstr;        /* OID as dotted string.  */
      56             : } oid_name_tbl[] = {
      57             : {"CN", 1, "CommonName",            3, "\x55\x04\x03", "2.5.4.3" },
      58             : {"SN", 2, "Surname",               3, "\x55\x04\x04", "2.5.4.4" },
      59             : {"SERIALNUMBER", 2, "SerialNumber",3, "\x55\x04\x05", "2.5.4.5" },
      60             : {"C",  1, "CountryName",           3, "\x55\x04\x06", "2.5.4.6" },
      61             : {"L" , 1, "LocalityName",          3, "\x55\x04\x07", "2.5.4.7" },
      62             : {"ST", 1, "StateOrProvince",       3, "\x55\x04\x08", "2.5.4.8" },
      63             : {"STREET", 1, "StreetAddress",     3, "\x55\x04\x09", "2.5.4.9" },
      64             : {"O",  1, "OrganizationName",      3, "\x55\x04\x0a", "2.5.4.10" },
      65             : {"OU", 1, "OrganizationalUnit",    3, "\x55\x04\x0b", "2.5.4.11" },
      66             : {"T",  2, "Title",                 3, "\x55\x04\x0c", "2.5.4.12" },
      67             : {"D",  3, "Description",           3, "\x55\x04\x0d", "2.5.4.13" },
      68             : {"BC", 3, "BusinessCategory",      3, "\x55\x04\x0f", "2.5.4.15" },
      69             : {"ADDR", 2, "PostalAddress",       3, "\x55\x04\x11", "2.5.4.16" },
      70             : {"POSTALCODE" , 0, "PostalCode",   3, "\x55\x04\x11", "2.5.4.17" },
      71             : {"GN", 2, "GivenName",             3, "\x55\x04\x2a", "2.5.4.42" },
      72             : {"PSEUDO", 2, "Pseudonym",         3, "\x55\x04\x41", "2.5.4.65" },
      73             : {"DC", 1, "domainComponent",      10,
      74             :     "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19", "0.9.2342.19200300.100.1.25" },
      75             : {"UID", 1, "userid",              10,
      76             :     "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x01", "0.9.2342.19200300.100.1.1 " },
      77             : {"EMAIL", 3, "emailAddress",       9,
      78             :     "\x2A\x86\x48\x86\xF7\x0D\x01\x09\x01",     "1.2.840.113549.1.9.1" },
      79             : { NULL }
      80             : };
      81             : 
      82             : 
      83             : #define N 0x00
      84             : #define P 0x01
      85             : static unsigned char charclasses[128] = {
      86             :   N, N, N, N, N, N, N, N,  N, N, N, N, N, N, N, N,
      87             :   N, N, N, N, N, N, N, N,  N, N, N, N, N, N, N, N,
      88             :   P, N, N, N, N, N, N, P,  P, P, N, P, P, P, P, P,
      89             :   P, P, P, P, P, P, P, P,  P, P, P, N, N, P, N, P,
      90             :   N, P, P, P, P, P, P, P,  P, P, P, P, P, P, P, P,
      91             :   P, P, P, P, P, P, P, P,  P, P, P, N, N, N, N, N,
      92             :   N, P, P, P, P, P, P, P,  P, P, P, P, P, P, P, P,
      93             :   P, P, P, P, P, P, P, P,  P, P, P, N, N, N, N, N
      94             : };
      95             : #undef N
      96             : #undef P
      97             : 
      98             : struct stringbuf {
      99             :   size_t len;
     100             :   size_t size;
     101             :   char *buf;
     102             :   int out_of_core;
     103             : };
     104             : 
     105             : 
     106             : 
     107             : static void
     108           9 : init_stringbuf (struct stringbuf *sb, int initiallen)
     109             : {
     110           9 :   sb->len = 0;
     111           9 :   sb->size = initiallen;
     112           9 :   sb->out_of_core = 0;
     113             :   /* allocate one more, so that get_stringbuf can append a nul */
     114           9 :   sb->buf = xtrymalloc (initiallen+1);
     115           9 :   if (!sb->buf)
     116           0 :       sb->out_of_core = 1;
     117           9 : }
     118             : 
     119             : static void
     120           9 : deinit_stringbuf (struct stringbuf *sb)
     121             : {
     122           9 :   xfree (sb->buf);
     123           9 :   sb->buf = NULL;
     124           9 :   sb->out_of_core = 1; /* make sure the caller does an init before reuse */
     125           9 : }
     126             : 
     127             : 
     128             : static void
     129         190 : put_stringbuf (struct stringbuf *sb, const char *text)
     130             : {
     131         190 :   size_t n = strlen (text);
     132             : 
     133         190 :   if (sb->out_of_core)
     134           0 :     return;
     135             : 
     136         190 :   if (sb->len + n >= sb->size)
     137             :     {
     138             :       char *p;
     139             : 
     140           4 :       sb->size += n + 100;
     141           4 :       p = xtryrealloc (sb->buf, sb->size);
     142           4 :       if ( !p)
     143             :         {
     144           0 :           sb->out_of_core = 1;
     145           0 :           return;
     146             :         }
     147           4 :       sb->buf = p;
     148             :     }
     149         190 :   memcpy (sb->buf+sb->len, text, n);
     150         190 :   sb->len += n;
     151             : }
     152             : 
     153             : static void
     154          43 : put_stringbuf_mem (struct stringbuf *sb, const char *text, size_t n)
     155             : {
     156          43 :   if (sb->out_of_core)
     157           0 :     return;
     158             : 
     159          43 :   if (sb->len + n >= sb->size)
     160             :     {
     161             :       char *p;
     162             : 
     163           0 :       sb->size += n + 100;
     164           0 :       p = xtryrealloc (sb->buf, sb->size);
     165           0 :       if ( !p)
     166             :         {
     167           0 :           sb->out_of_core = 1;
     168           0 :           return;
     169             :         }
     170           0 :       sb->buf = p;
     171             :     }
     172          43 :   memcpy (sb->buf+sb->len, text, n);
     173          43 :   sb->len += n;
     174             : }
     175             : 
     176             : static void
     177          40 : put_stringbuf_mem_skip (struct stringbuf *sb, const char *text, size_t n,
     178             :                         int skip)
     179             : {
     180             :   char *p;
     181             : 
     182          40 :   if (!skip)
     183             :     {
     184          40 :       put_stringbuf_mem (sb, text, n);
     185          40 :       return;
     186             :     }
     187           0 :   if (sb->out_of_core)
     188           0 :     return;
     189             : 
     190           0 :   if (sb->len + n >= sb->size)
     191             :     {
     192             :       /* Note: we allocate too much here, but we don't care. */
     193           0 :       sb->size += n + 100;
     194           0 :       p = xtryrealloc (sb->buf, sb->size);
     195           0 :       if ( !p)
     196             :         {
     197           0 :           sb->out_of_core = 1;
     198           0 :           return;
     199             :         }
     200           0 :       sb->buf = p;
     201             :     }
     202           0 :   p = sb->buf+sb->len;
     203           0 :   while (n > skip)
     204             :     {
     205           0 :       text += skip;
     206           0 :       n -= skip;
     207           0 :       *p++ = *text++;
     208           0 :       n--;
     209           0 :       sb->len++;
     210             :     }
     211             : }
     212             : 
     213             : static char *
     214           9 : get_stringbuf (struct stringbuf *sb)
     215             : {
     216             :   char *p;
     217             : 
     218           9 :   if (sb->out_of_core)
     219             :     {
     220           0 :       xfree (sb->buf); sb->buf = NULL;
     221           0 :       return NULL;
     222             :     }
     223             : 
     224           9 :   sb->buf[sb->len] = 0;
     225           9 :   p = sb->buf;
     226           9 :   sb->buf = NULL;
     227           9 :   sb->out_of_core = 1; /* make sure the caller does an init before reuse */
     228           9 :   return p;
     229             : }
     230             : 
     231             : 
     232             : /* This function is used for 1 byte encodings to insert any required
     233             :    quoting.  It does not do the quoting for a space or hash mark at
     234             :    the beginning of a string or a space as the last character of a
     235             :    string.  It will do steps of SKIP+1 characters, assuming that these
     236             :    SKIP characters are null octets. */
     237             : static void
     238          40 : append_quoted (struct stringbuf *sb, const unsigned char *value, size_t length,
     239             :                int skip)
     240             : {
     241             :   unsigned char tmp[4];
     242          40 :   const unsigned char *s = value;
     243          40 :   size_t n = 0;
     244             : 
     245             :   for (;;)
     246             :     {
     247         506 :       for (value = s; n+skip < length; n++, s++)
     248             :         {
     249         466 :           s += skip;
     250         466 :           n += skip;
     251         466 :           if (*s < ' ' || *s > 126 || strchr (",+\"\\<>;", *s) )
     252             :             break;
     253             :         }
     254             : 
     255          40 :       if (s != value)
     256          40 :         put_stringbuf_mem_skip (sb, value, s-value, skip);
     257          40 :       if (n+skip >= length)
     258          80 :         return; /* ready */
     259           0 :       s += skip;
     260           0 :       n += skip;
     261           0 :       if ( *s < ' ' || *s > 126 )
     262             :         {
     263           0 :           snprintf (tmp, sizeof tmp, "\\%02X", *s);
     264           0 :           put_stringbuf_mem (sb, tmp, 3);
     265             :         }
     266             :       else
     267             :         {
     268           0 :           tmp[0] = '\\';
     269           0 :           tmp[1] = *s;
     270           0 :           put_stringbuf_mem (sb, tmp, 2);
     271             :         }
     272           0 :       n++; s++;
     273           0 :     }
     274             : }
     275             : 
     276             : 
     277             : /* Append VALUE of LENGTH and TYPE to SB.  Do the required quoting. */
     278             : static void
     279           0 : append_utf8_value (const unsigned char *value, size_t length,
     280             :                    struct stringbuf *sb)
     281             : {
     282             :   unsigned char tmp[6];
     283             :   const unsigned char *s;
     284             :   size_t n;
     285             :   int i, nmore;
     286             : 
     287           0 :   if (length && (*value == ' ' || *value == '#'))
     288             :     {
     289           0 :       tmp[0] = '\\';
     290           0 :       tmp[1] = *value;
     291           0 :       put_stringbuf_mem (sb, tmp, 2);
     292           0 :       value++;
     293           0 :       length--;
     294             :     }
     295           0 :   if (length && value[length-1] == ' ')
     296             :     {
     297           0 :       tmp[0] = '\\';
     298           0 :       tmp[1] = ' ';
     299           0 :       put_stringbuf_mem (sb, tmp, 2);
     300           0 :       length--;
     301             :     }
     302             : 
     303           0 :   for (s=value, n=0;;)
     304             :     {
     305           0 :       for (value = s; n < length && !(*s & 0x80); n++, s++)
     306             :         ;
     307           0 :       if (s != value)
     308           0 :         append_quoted (sb, value, s-value, 0);
     309           0 :       if (n==length)
     310           0 :         return; /* ready */
     311           0 :       if (!(*s & 0x80))
     312           0 :         nmore = 0; /* Not expected here: high bit not set.  */
     313           0 :       else if ( (*s & 0xe0) == 0xc0 ) /* 110x xxxx */
     314           0 :         nmore = 1;
     315           0 :       else if ( (*s & 0xf0) == 0xe0 ) /* 1110 xxxx */
     316           0 :         nmore = 2;
     317           0 :       else if ( (*s & 0xf8) == 0xf0 ) /* 1111 0xxx */
     318           0 :         nmore = 3;
     319           0 :       else if ( (*s & 0xfc) == 0xf8 ) /* 1111 10xx */
     320           0 :         nmore = 4;
     321           0 :       else if ( (*s & 0xfe) == 0xfc ) /* 1111 110x */
     322           0 :         nmore = 5;
     323             :       else /* Invalid encoding */
     324           0 :         nmore = 0;
     325             : 
     326           0 :       if (!nmore)
     327             :         {
     328             :           /* Encoding error:  We quote the bad byte.  */
     329           0 :           snprintf (tmp, sizeof tmp, "\\%02X", *s);
     330           0 :           put_stringbuf_mem (sb, tmp, 3);
     331           0 :           s++; n++;
     332             :         }
     333             :       else
     334             :         {
     335           0 :           tmp[0] = *s++; n++;
     336           0 :           for (i=1; n < length && i <= nmore; i++)
     337             :             {
     338           0 :               if ( (*s & 0xc0) != 0x80)
     339           0 :                 break; /* Invalid encoding - let the next cycle detect this. */
     340           0 :               tmp[i] = *s++;
     341           0 :               n++;
     342             :             }
     343           0 :           put_stringbuf_mem (sb, tmp, i);
     344             :         }
     345           0 :     }
     346             : }
     347             : 
     348             : /* Append VALUE of LENGTH and TYPE to SB.  Do character set conversion
     349             :    and quoting */
     350             : static void
     351          37 : append_latin1_value (const unsigned char *value, size_t length,
     352             :                      struct stringbuf *sb)
     353             : {
     354             :   unsigned char tmp[2];
     355             :   const unsigned char *s;
     356             :   size_t n;
     357             : 
     358          37 :   if (length && (*value == ' ' || *value == '#'))
     359             :     {
     360           0 :       tmp[0] = '\\';
     361           0 :       tmp[1] = *value;
     362           0 :       put_stringbuf_mem (sb, tmp, 2);
     363           0 :       value++;
     364           0 :       length--;
     365             :     }
     366          37 :   if (length && value[length-1] == ' ')
     367             :     {
     368           0 :       tmp[0] = '\\';
     369           0 :       tmp[1] = ' ';
     370           0 :       put_stringbuf_mem (sb, tmp, 2);
     371           0 :       length--;
     372             :     }
     373             : 
     374          37 :   for (s=value, n=0;;)
     375             :     {
     376          40 :       for (value = s; n < length && !(*s & 0x80); n++, s++)
     377             :         ;
     378          40 :       if (s != value)
     379          40 :         append_quoted (sb, value, s-value, 0);
     380          40 :       if (n==length)
     381          74 :         return; /* ready */
     382           3 :       assert ((*s & 0x80));
     383           3 :       tmp[0] = 0xc0 | ((*s >> 6) & 3);
     384           3 :       tmp[1] = 0x80 | ( *s & 0x3f );
     385           3 :       put_stringbuf_mem (sb, tmp, 2);
     386           3 :       n++; s++;
     387           3 :     }
     388             : }
     389             : 
     390             : /* Append VALUE of LENGTH and TYPE to SB.  Do UCS-4 to utf conversion
     391             :    and and quoting */
     392             : static void
     393           0 : append_ucs4_value (const unsigned char *value, size_t length,
     394             :                    struct stringbuf *sb)
     395             : {
     396             :   unsigned char tmp[7];
     397             :   const unsigned char *s;
     398             :   size_t n;
     399             :   unsigned int c;
     400             :   int i;
     401             : 
     402           0 :   if (length>3 && !value[0] && !value[1] && !value[2]
     403           0 :       && (value[3] == ' ' || value[3] == '#'))
     404             :     {
     405           0 :       tmp[0] = '\\';
     406           0 :       tmp[1] = *value;
     407           0 :       put_stringbuf_mem (sb, tmp, 2);
     408           0 :       value += 4;
     409           0 :       length -= 4;
     410             :     }
     411           0 :   if (length>3 && !value[0] && !value[1] && !value[2] && value[3] == ' ')
     412             :     {
     413           0 :       tmp[0] = '\\';
     414           0 :       tmp[1] = ' ';
     415           0 :       put_stringbuf_mem (sb, tmp, 2);
     416           0 :       length -= 4;
     417             :     }
     418             : 
     419           0 :   for (s=value, n=0;;)
     420             :     {
     421           0 :       for (value = s; n+3 < length
     422           0 :              && !s[0] && !s[1] && !s[2] && !(s[3] & 0x80); n += 4, s += 4)
     423             :         ;
     424           0 :       if (s != value)
     425           0 :         append_quoted (sb, value, s-value, 3);
     426           0 :       if (n>=length)
     427           0 :         return; /* ready */
     428           0 :       if (n < 4)
     429             :         { /* This is an invalid encoding - better stop after adding
     430             :              one impossible characater */
     431           0 :           put_stringbuf_mem (sb, "\xff", 1);
     432           0 :           return;
     433             :         }
     434           0 :       c = *s++ << 24;
     435           0 :       c |= *s++ << 16;
     436           0 :       c |= *s++ << 8;
     437           0 :       c |= *s++;
     438           0 :       n += 4;
     439           0 :       i=0;
     440           0 :       if (c < (1<<11))
     441             :         {
     442           0 :           tmp[i++] = 0xc0 | ( c >>  6);
     443           0 :           tmp[i++] = 0x80 | ( c        & 0x3f);
     444             :         }
     445           0 :       else if (c < (1<<16))
     446             :         {
     447           0 :           tmp[i++] = 0xe0 | ( c >> 12);
     448           0 :           tmp[i++] = 0x80 | ((c >>  6) & 0x3f);
     449           0 :           tmp[i++] = 0x80 | ( c        & 0x3f);
     450             :         }
     451           0 :       else if (c < (1<<21))
     452             :         {
     453           0 :           tmp[i++] = 0xf0 | ( c >> 18);
     454           0 :           tmp[i++] = 0x80 | ((c >> 12) & 0x3f);
     455           0 :           tmp[i++] = 0x80 | ((c >>  6) & 0x3f);
     456           0 :           tmp[i++] = 0x80 | ( c        & 0x3f);
     457             :         }
     458           0 :       else if (c < (1<<26))
     459             :         {
     460           0 :           tmp[i++] = 0xf8 | ( c >> 24);
     461           0 :           tmp[i++] = 0x80 | ((c >> 18) & 0x3f);
     462           0 :           tmp[i++] = 0x80 | ((c >> 12) & 0x3f);
     463           0 :           tmp[i++] = 0x80 | ((c >>  6) & 0x3f);
     464           0 :           tmp[i++] = 0x80 | ( c        & 0x3f);
     465             :         }
     466             :       else
     467             :         {
     468           0 :           tmp[i++] = 0xfc | ( c >> 30);
     469           0 :           tmp[i++] = 0x80 | ((c >> 24) & 0x3f);
     470           0 :           tmp[i++] = 0x80 | ((c >> 18) & 0x3f);
     471           0 :           tmp[i++] = 0x80 | ((c >> 12) & 0x3f);
     472           0 :           tmp[i++] = 0x80 | ((c >>  6) & 0x3f);
     473           0 :           tmp[i++] = 0x80 | ( c        & 0x3f);
     474             :         }
     475           0 :       put_stringbuf_mem (sb, tmp, i);
     476           0 :     }
     477             : }
     478             : 
     479             : /* Append VALUE of LENGTH and TYPE to SB.  Do UCS-2 to utf conversion
     480             :    and and quoting */
     481             : static void
     482           0 : append_ucs2_value (const unsigned char *value, size_t length,
     483             :                    struct stringbuf *sb)
     484             : {
     485             :   unsigned char tmp[3];
     486             :   const unsigned char *s;
     487             :   size_t n;
     488             :   unsigned int c;
     489             :   int i;
     490             : 
     491           0 :   if (length>1 && !value[0] && (value[1] == ' ' || value[1] == '#'))
     492             :     {
     493           0 :       tmp[0] = '\\';
     494           0 :       tmp[1] = *value;
     495           0 :       put_stringbuf_mem (sb, tmp, 2);
     496           0 :       value += 2;
     497           0 :       length -= 2;
     498             :     }
     499           0 :   if (length>1 && !value[0] && value[1] == ' ')
     500             :     {
     501           0 :       tmp[0] = '\\';
     502           0 :       tmp[1] = ' ';
     503           0 :       put_stringbuf_mem (sb, tmp, 2);
     504           0 :       length -=2;
     505             :     }
     506             : 
     507           0 :   for (s=value, n=0;;)
     508             :     {
     509           0 :       for (value = s; n+1 < length && !s[0] && !(s[1] & 0x80); n += 2, s += 2)
     510             :         ;
     511           0 :       if (s != value)
     512           0 :         append_quoted (sb, value, s-value, 1);
     513           0 :       if (n>=length)
     514           0 :         return; /* ready */
     515           0 :       if (n < 2)
     516             :         { /* This is an invalid encoding - better stop after adding
     517             :              one impossible characater */
     518           0 :           put_stringbuf_mem (sb, "\xff", 1);
     519           0 :           return;
     520             :         }
     521           0 :       c  = *s++ << 8;
     522           0 :       c |= *s++;
     523           0 :       n += 2;
     524           0 :       i=0;
     525           0 :       if (c < (1<<11))
     526             :         {
     527           0 :           tmp[i++] = 0xc0 | ( c >>  6);
     528           0 :           tmp[i++] = 0x80 | ( c        & 0x3f);
     529             :         }
     530             :       else
     531             :         {
     532           0 :           tmp[i++] = 0xe0 | ( c >> 12);
     533           0 :           tmp[i++] = 0x80 | ((c >>  6) & 0x3f);
     534           0 :           tmp[i++] = 0x80 | ( c        & 0x3f);
     535             :         }
     536           0 :       put_stringbuf_mem (sb, tmp, i);
     537           0 :     }
     538             : }
     539             : 
     540             : 
     541             : /* Append attribute and value.  ROOT is the sequence */
     542             : static gpg_error_t
     543          41 : append_atv (const unsigned char *image, AsnNode root, struct stringbuf *sb)
     544             : {
     545          41 :   AsnNode node = root->down;
     546             :   const char *name;
     547          41 :   int use_hex = 0;
     548             :   int i;
     549             : 
     550          41 :   if (!node || node->type != TYPE_OBJECT_ID)
     551           0 :     return gpg_error (GPG_ERR_UNEXPECTED_TAG);
     552          41 :   if (node->off == -1)
     553           0 :     return gpg_error (GPG_ERR_NO_VALUE); /* Hmmm, this might lead to misunderstandings */
     554             : 
     555          41 :   name = NULL;
     556         275 :   for (i=0; oid_name_tbl[i].name; i++)
     557             :     {
     558         271 :       if (oid_name_tbl[i].source == 1
     559         175 :           && node->len == oid_name_tbl[i].oidlen
     560         278 :           && !memcmp (image+node->off+node->nhdr,
     561         278 :                       oid_name_tbl[i].oid, node->len))
     562             :         {
     563          37 :           name = oid_name_tbl[i].name;
     564          37 :           break;
     565             :         }
     566             :     }
     567          41 :   if (name)
     568          37 :     put_stringbuf (sb, name);
     569             :   else
     570             :     { /* No name for the OID in the table; at least not DER encoded.
     571             :          Now convert the OID to a string, try to find it in the table
     572             :          again and use the string as last resort.  */
     573             :       char *p;
     574             : 
     575           4 :       p = ksba_oid_to_str (image+node->off+node->nhdr, node->len);
     576           4 :       if (!p)
     577           0 :         return gpg_error (GPG_ERR_ENOMEM);
     578             : 
     579          80 :       for (i=0; *p && oid_name_tbl[i].name; i++)
     580             :         {
     581          76 :           if (oid_name_tbl[i].source == 1
     582          36 :               && !strcmp (p, oid_name_tbl[i].oidstr))
     583             :             {
     584           0 :               name = oid_name_tbl[i].name;
     585           0 :               break;
     586             :             }
     587             :         }
     588           4 :       if (name)
     589           0 :         put_stringbuf (sb, name);
     590             :       else
     591             :         {
     592           4 :           put_stringbuf (sb, p);
     593           4 :           use_hex = 1;
     594             :         }
     595           4 :       xfree (p);
     596             :     }
     597          41 :   put_stringbuf (sb, "=");
     598          41 :   node = node->right;
     599          41 :   if (!node || node->off == -1)
     600           0 :     return gpg_error (GPG_ERR_NO_VALUE);
     601             : 
     602          41 :   switch (use_hex? 0 : node->type)
     603             :     {
     604             :     case TYPE_UTF8_STRING:
     605           0 :       append_utf8_value (image+node->off+node->nhdr, node->len, sb);
     606           0 :       break;
     607             :     case TYPE_PRINTABLE_STRING:
     608             :     case TYPE_IA5_STRING:
     609             :       /* we assume that wrong encodings are latin-1 */
     610             :     case TYPE_TELETEX_STRING: /* Not correct, but mostly used as latin-1 */
     611          37 :       append_latin1_value (image+node->off+node->nhdr, node->len, sb);
     612          37 :       break;
     613             : 
     614             :     case TYPE_UNIVERSAL_STRING:
     615           0 :       append_ucs4_value (image+node->off+node->nhdr, node->len, sb);
     616           0 :       break;
     617             : 
     618             :     case TYPE_BMP_STRING:
     619           0 :       append_ucs2_value (image+node->off+node->nhdr, node->len, sb);
     620           0 :       break;
     621             : 
     622             :     case 0: /* forced usage of hex */
     623             :     default:
     624           4 :       put_stringbuf (sb, "#");
     625          76 :       for (i=0; i < node->len; i++)
     626             :         {
     627             :           char tmp[3];
     628          72 :           snprintf (tmp, sizeof tmp, "%02X", image[node->off+node->nhdr+i]);
     629          72 :           put_stringbuf (sb, tmp);
     630             :         }
     631           4 :       break;
     632             :     }
     633             : 
     634          41 :   return 0;
     635             : }
     636             : 
     637             : static gpg_error_t
     638           9 : dn_to_str (const unsigned char *image, AsnNode root, struct stringbuf *sb)
     639             : {
     640             :   gpg_error_t err;
     641             :   AsnNode nset;
     642             : 
     643           9 :   if (!root )
     644           0 :     return 0; /* empty DN */
     645           9 :   nset = root->down;
     646           9 :   if (!nset)
     647           0 :     return 0; /* consider this as empty */
     648           9 :   if (nset->type != TYPE_SET_OF)
     649           0 :     return gpg_error (GPG_ERR_UNEXPECTED_TAG);
     650             : 
     651             :   /* output in reverse order */
     652          50 :   while (nset->right)
     653          32 :     nset = nset->right;
     654             : 
     655             :   for (;;)
     656             :     {
     657             :       AsnNode nseq;
     658             : 
     659          41 :       if (nset->type != TYPE_SET_OF)
     660           0 :         return gpg_error (GPG_ERR_UNEXPECTED_TAG);
     661          82 :       for (nseq = nset->down; nseq; nseq = nseq->right)
     662             :         {
     663          41 :           if (nseq->type != TYPE_SEQUENCE)
     664           0 :             return gpg_error (GPG_ERR_UNEXPECTED_TAG);
     665          41 :           if (nseq != nset->down)
     666           0 :             put_stringbuf (sb, "+");
     667          41 :           err = append_atv (image, nseq, sb);
     668          41 :           if (err)
     669           0 :             return err;
     670             :         }
     671          41 :       if (nset == root->down)
     672           9 :         break;
     673          32 :       put_stringbuf (sb, ",");
     674          32 :       nset = nset->left;
     675          32 :     }
     676             : 
     677           9 :   return 0;
     678             : }
     679             : 
     680             : 
     681             : gpg_error_t
     682           9 : _ksba_dn_to_str (const unsigned char *image, AsnNode node, char **r_string)
     683             : {
     684             :   gpg_error_t err;
     685             :   struct stringbuf sb;
     686             : 
     687           9 :   *r_string = NULL;
     688           9 :   if (!node || node->type != TYPE_SEQUENCE_OF)
     689           0 :     return gpg_error (GPG_ERR_INV_VALUE);
     690             : 
     691           9 :   init_stringbuf (&sb, 100);
     692           9 :   err = dn_to_str (image, node, &sb);
     693           9 :   if (!err)
     694             :     {
     695           9 :       *r_string = get_stringbuf (&sb);
     696           9 :       if (!*r_string)
     697           0 :         err = gpg_error (GPG_ERR_ENOMEM);
     698             :     }
     699           9 :   deinit_stringbuf (&sb);
     700             : 
     701           9 :   return err;
     702             : }
     703             : 
     704             : 
     705             : /* Create a new decoder and run it for the given element */
     706             : /* Fixme: this code is duplicated from cms-parser.c */
     707             : static gpg_error_t
     708           2 : create_and_run_decoder (ksba_reader_t reader, const char *elem_name,
     709             :                         AsnNode *r_root,
     710             :                         unsigned char **r_image, size_t *r_imagelen)
     711             : {
     712             :   gpg_error_t err;
     713             :   ksba_asn_tree_t crl_tree;
     714             :   BerDecoder decoder;
     715             : 
     716           2 :   err = ksba_asn_create_tree ("tmttv2", &crl_tree);
     717           2 :   if (err)
     718           0 :     return err;
     719             : 
     720           2 :   decoder = _ksba_ber_decoder_new ();
     721           2 :   if (!decoder)
     722             :     {
     723           0 :       ksba_asn_tree_release (crl_tree);
     724           0 :       return gpg_error (GPG_ERR_ENOMEM);
     725             :     }
     726             : 
     727           2 :   err = _ksba_ber_decoder_set_reader (decoder, reader);
     728           2 :   if (err)
     729             :     {
     730           0 :       ksba_asn_tree_release (crl_tree);
     731           0 :       _ksba_ber_decoder_release (decoder);
     732           0 :       return err;
     733             :     }
     734             : 
     735           2 :   err = _ksba_ber_decoder_set_module (decoder, crl_tree);
     736           2 :   if (err)
     737             :     {
     738           0 :       ksba_asn_tree_release (crl_tree);
     739           0 :       _ksba_ber_decoder_release (decoder);
     740           0 :       return err;
     741             :     }
     742             : 
     743           2 :   err = _ksba_ber_decoder_decode (decoder, elem_name, 0,
     744             :                                   r_root, r_image, r_imagelen);
     745             : 
     746           2 :   _ksba_ber_decoder_release (decoder);
     747           2 :   ksba_asn_tree_release (crl_tree);
     748           2 :   return err;
     749             : }
     750             : 
     751             : 
     752             : gpg_error_t
     753           2 : _ksba_derdn_to_str (const unsigned char *der, size_t derlen, char **r_string)
     754             : {
     755             :   gpg_error_t err;
     756             :   AsnNode root;
     757             :   unsigned char *image;
     758             :   size_t imagelen;
     759             :   ksba_reader_t reader;
     760             : 
     761           2 :   err = ksba_reader_new (&reader);
     762           2 :   if (err)
     763           0 :     return err;
     764           2 :   err = ksba_reader_set_mem (reader, der, derlen);
     765           2 :   if (err)
     766             :     {
     767           0 :       ksba_reader_release (reader);
     768           0 :       return err;
     769             :     }
     770           2 :   err = create_and_run_decoder (reader,
     771             :                                 "TMTTv2.CertificateList.tbsCertList.issuer",
     772             :                                 &root, &image, &imagelen);
     773           2 :   ksba_reader_release (reader);
     774           2 :   if (!err)
     775             :     {
     776           2 :       err = _ksba_dn_to_str (image, root->down, r_string);
     777           2 :       _ksba_asn_release_nodes (root);
     778           2 :       xfree (image);
     779             :     }
     780           2 :   return err;
     781             : }
     782             : 
     783             : 
     784             : /*
     785             :    Convert a string back to DN
     786             : */
     787             : 
     788             : /* Count the number of bytes in a quoted string, return a pointer to
     789             :    the character after the string or NULL in case of an paring error.
     790             :    The number of bytes needed to store the string verbatim will be
     791             :    return as RESULT.  With V2COMAP true, the string is assumed to be
     792             :    in v2 quoting (but w/o the leading quote character)
     793             :  */
     794             : static const char *
     795          74 : count_quoted_string (const char *string, size_t *result,
     796             :                      int v2compat, int *stringtype)
     797             : {
     798             :   const unsigned char *s;
     799          74 :   int nbytes = 0;
     800          74 :   int highbit = 0;
     801          74 :   int nonprint = 0;
     802          74 :   int atsign = 0;
     803             : 
     804          74 :   *stringtype = 0;
     805         497 :   for (s=string; *s; s++)
     806             :     {
     807         482 :       if (*s == '\\')
     808             :         { /* pair */
     809           0 :           s++;
     810           0 :           if (*s == ',' || *s == '=' || *s == '+'
     811           0 :               || *s == '<' || *s == '>' || *s == '#' || *s == ';'
     812           0 :               || *s == '\\' || *s == '\"' || *s == ' ')
     813             :             {
     814           0 :               if (!charclasses[*s])
     815           0 :                 nonprint = 1;
     816           0 :               nbytes++;
     817             :             }
     818           0 :           else if (hexdigitp (s) && hexdigitp (s+1))
     819           0 :             {
     820           0 :               int c = xtoi_2 (s);
     821           0 :               if ((c & 0x80))
     822           0 :                 highbit = 1;
     823           0 :               else if (c == '@')
     824           0 :                 atsign = 1;
     825           0 :               else if (!charclasses[c])
     826           0 :                 nonprint = 1;
     827             : 
     828           0 :               s++;
     829           0 :               nbytes++;
     830             :             }
     831             :           else
     832           0 :             return NULL; /* invalid escape sequence */
     833             :         }
     834         482 :       else if (*s == '\"')
     835             :         {
     836           2 :           if (v2compat)
     837           2 :             break;
     838           0 :           return NULL; /* invalid encoding */
     839             :         }
     840         480 :       else if (!v2compat
     841         480 :                && (*s == ',' || *s == '=' || *s == '+'
     842         423 :                    || *s == '<' || *s == '>' || *s == '#' || *s == ';') )
     843             :         {
     844             :           break;
     845             :         }
     846             :       else
     847             :         {
     848         423 :           nbytes++;
     849         423 :           if ((*s & 0x80))
     850          24 :             highbit = 1;
     851         399 :           else if (*s == '@')
     852           3 :             atsign = 1;
     853         396 :           else if (!charclasses[*s])
     854           0 :             nonprint = 1;
     855             :         }
     856             :     }
     857             : 
     858             :   /* Fixme: Should be remove spaces or white spces from the end unless
     859             :      they are not escaped or we are in v2compat mode?  See TODO */
     860             : 
     861          74 :   if (highbit || nonprint)
     862           6 :     *stringtype = TYPE_UTF8_STRING;
     863          68 :   else if (atsign)
     864           3 :     *stringtype = TYPE_IA5_STRING;
     865             :   else
     866          65 :     *stringtype = TYPE_PRINTABLE_STRING;
     867             : 
     868          74 :   *result = nbytes;
     869          74 :   return s;
     870             : }
     871             : 
     872             : 
     873             : /* Write out the data to W and do the required escaping.  Note that
     874             :    NBYTES is the number of bytes actually to be written, i.e. it is
     875             :    the result from count_quoted_string */
     876             : static gpg_error_t
     877          14 : write_escaped (ksba_writer_t w, const unsigned char *buffer, size_t nbytes)
     878             : {
     879             :   const unsigned char *s;
     880             :   gpg_error_t err;
     881             : 
     882         137 :   for (s=buffer; nbytes; s++)
     883             :     {
     884         123 :       if (*s == '\\')
     885             :         {
     886           0 :           s++;
     887           0 :           if (hexdigitp (s) && hexdigitp (s+1))
     888           0 :             {
     889           0 :               unsigned char buf = xtoi_2 (s);
     890           0 :               err = ksba_writer_write (w, &buf, 1);
     891           0 :               if (err)
     892           0 :                 return err;
     893           0 :               s++;
     894           0 :               nbytes--;
     895             :             }
     896             :           else
     897             :             {
     898           0 :               err = ksba_writer_write (w, s, 1);
     899           0 :               if (err)
     900           0 :                 return err;
     901           0 :               nbytes--;
     902             :             }
     903             :         }
     904             :       else
     905             :         {
     906         123 :           err = ksba_writer_write (w, s, 1);
     907         123 :           if (err)
     908           0 :             return err;
     909         123 :           nbytes--;
     910             :         }
     911             :     }
     912             : 
     913          14 :   return 0;
     914             : }
     915             : 
     916             : 
     917             : /* Parse one RDN, and write it to WRITER.  Returns a pointer to the
     918             :    next RDN part where the comma has already been skipped or NULL in
     919             :    case of an error.  When NULL is passed as WRITER, the function does
     920             :    not allocate any memory but just parses the string and returns the
     921             :    ENDP. If ROFF or RLEN are not NULL, they will receive informaion
     922             :    useful for error reporting. */
     923             : static gpg_error_t
     924          84 : parse_rdn (const unsigned char *string, const char **endp,
     925             :            ksba_writer_t writer, size_t *roff, size_t *rlen)
     926             : {
     927          84 :   const unsigned char *orig_string = string;
     928             :   const unsigned char *s, *s1;
     929             :   size_t n, n1;
     930             :   int i;
     931             :   unsigned char *p;
     932          84 :   unsigned char *oidbuf = NULL;
     933          84 :   unsigned char *valuebuf = NULL;
     934          84 :   const unsigned char *oid = NULL;
     935             :   size_t oidlen;
     936          84 :   const unsigned char *value = NULL;
     937             :   int valuelen;
     938             :   int valuetype;
     939          84 :   int need_escaping = 0;
     940          84 :   gpg_error_t err = 0;
     941             :   size_t dummy_roff, dummy_rlen;
     942             : 
     943          84 :   if (!roff)
     944          49 :     roff = &dummy_roff;
     945          84 :   if (!rlen)
     946          49 :     rlen = &dummy_rlen;
     947             : 
     948          84 :   *roff = *rlen = 0;
     949             : 
     950          84 :   if (!string)
     951           0 :     return gpg_error (GPG_ERR_INV_VALUE);
     952         192 :   while (*string == ' ')
     953          24 :     string++;
     954          84 :   *roff = string - orig_string;
     955          84 :   if (!*string)
     956           0 :     return gpg_error (GPG_ERR_SYNTAX); /* empty elements are not allowed */
     957          84 :   s = string;
     958             : 
     959          84 :   if ( ((*s == 'o' && s[1] == 'i' && s[2] == 'd')
     960          84 :         ||(*s == 'O' && s[1] == 'I' && s[2] == 'D'))
     961           0 :        && s[3] == '.' && digitp (s+4))
     962           0 :     s += 3; /* skip a prefixed oid */
     963             : 
     964             :   /* parse attributeType */
     965          84 :   string = s;
     966          84 :   *roff = string - orig_string;
     967          84 :   if (digitp (s))
     968             :     { /* oid */
     969           0 :       for (s++; digitp (s) || (*s == '.' && s[1] != '.'); s++)
     970             :         ;
     971           0 :       n = s - string;
     972           0 :       while (*s == ' ')
     973           0 :         s++;
     974           0 :       if (*s != '=')
     975           0 :         return gpg_error (GPG_ERR_SYNTAX);
     976             : 
     977           0 :       if (writer)
     978             :         {
     979           0 :           p = xtrymalloc (n+1);
     980           0 :           if (!p)
     981           0 :             return gpg_error (GPG_ERR_ENOMEM);
     982           0 :           memcpy (p, string, n);
     983           0 :           p[n] = 0;
     984           0 :           err = ksba_oid_from_str (p, &oidbuf, &oidlen);
     985           0 :           xfree (p);
     986           0 :           if (err)
     987           0 :             return err;
     988           0 :           oid = oidbuf;
     989             :         }
     990             :     }
     991          84 :   else if ((*s >= 'A' && *s <= 'Z') || (*s >= 'a' && *s <= 'z') )
     992             :     { /* name */
     993         215 :       for (s++; ((*s >= 'A' && *s <= 'Z') || (*s >= 'a' && *s <= 'z')
     994         131 :                  || digitp (s) || *s == '-'); s++)
     995             :         ;
     996          84 :       n = s - string;
     997         170 :       while (*s == ' ')
     998           2 :         s++;
     999          84 :       if (*s != '=')
    1000           0 :         return gpg_error (GPG_ERR_SYNTAX);
    1001             : 
    1002         547 :       for (i=0; oid_name_tbl[i].name; i++)
    1003             :         {
    1004         543 :           if ( n == strlen (oid_name_tbl[i].name)
    1005         175 :                && !ascii_memcasecmp (string, oid_name_tbl[i].name, n))
    1006          80 :             break;
    1007             :         }
    1008          84 :       if (!oid_name_tbl[i].name)
    1009             :         {
    1010           4 :           *roff = string - orig_string;
    1011           4 :           *rlen = n;
    1012           4 :           return gpg_error (GPG_ERR_UNKNOWN_NAME);
    1013             :         }
    1014          80 :       oid = oid_name_tbl[i].oid;
    1015          80 :       oidlen = oid_name_tbl[i].oidlen;
    1016             :     }
    1017             :   else
    1018           0 :     return gpg_error (GPG_ERR_INV_NAME);
    1019             : 
    1020          80 :   s++;
    1021         169 :   while (*s == ' ')
    1022           9 :     s++;
    1023          80 :   string = s;
    1024             : 
    1025          80 :   *roff = string - orig_string;
    1026             : 
    1027             :   /* parse attributeValue */
    1028          80 :   if (!*s)
    1029             :     {
    1030           6 :       err = gpg_error (GPG_ERR_SYNTAX); /* missing value */
    1031           6 :       goto leave;
    1032             :     }
    1033             : 
    1034          74 :   if (*s == '#')
    1035             :     { /* hexstring */
    1036           0 :       int need_utf8 = 0;
    1037           0 :       int need_ia5 = 0;
    1038             : 
    1039           0 :       string = ++s;
    1040           0 :       for (; hexdigitp (s); s++)
    1041           0 :         s++;
    1042           0 :       n = s - string;
    1043           0 :       if (!n || (n & 1))
    1044             :         {
    1045           0 :           *rlen = n;
    1046           0 :           err = gpg_error (GPG_ERR_SYNTAX); /* no hex digits or odd number */
    1047           0 :           goto leave;
    1048             :         }
    1049           0 :       while (*s == ' ')
    1050           0 :         s++;
    1051           0 :       n /= 2;
    1052           0 :       valuelen = n;
    1053           0 :       if (writer)
    1054             :         {
    1055           0 :           valuebuf = xtrymalloc (valuelen);
    1056           0 :           if (!valuebuf)
    1057             :             {
    1058           0 :               err = gpg_error (GPG_ERR_ENOMEM);
    1059           0 :               goto leave;
    1060             :             }
    1061           0 :           for (p=valuebuf, s1=string; n; p++, s1 += 2, n--)
    1062             :             {
    1063           0 :               *p = xtoi_2 (s1);
    1064           0 :               if (*p == '@')
    1065           0 :                 need_ia5 = 1;
    1066           0 :               else if ((*p & 0x80) || !charclasses[*p])
    1067           0 :                 need_utf8 = 1;
    1068             :             }
    1069           0 :           value = valuebuf;
    1070             :         }
    1071             :       else
    1072             :         {
    1073           0 :           for (s1=string; n; s1 += 2, n--)
    1074             :             {
    1075             :               unsigned int c;
    1076             : 
    1077           0 :               c = xtoi_2 (s1);
    1078           0 :               if (c == '@')
    1079           0 :                 need_ia5 = 1;
    1080           0 :               else if ((c & 0x80) || !charclasses[c])
    1081           0 :                 need_utf8 = 1;
    1082             :             }
    1083             :         }
    1084           0 :       valuetype = need_utf8? TYPE_UTF8_STRING :
    1085           0 :                   need_ia5 ? TYPE_IA5_STRING : TYPE_PRINTABLE_STRING;
    1086             :     }
    1087          74 :   else if (*s == '\"')
    1088             :     { /* old style quotation */
    1089           2 :       string = s+1;
    1090           2 :       s = count_quoted_string (string, &n, 1, &valuetype);
    1091           2 :       if (!s || *s != '\"')
    1092             :         {
    1093           0 :           *rlen = s - orig_string;
    1094           0 :           err = gpg_error (GPG_ERR_SYNTAX); /* error or quote not closed */
    1095           0 :           goto leave;
    1096             :         }
    1097           2 :       s++;
    1098           6 :       while (*s == ' ')
    1099           2 :         s++;
    1100           2 :       value = string;
    1101           2 :       valuelen = n;
    1102           2 :       need_escaping = 1;
    1103             :     }
    1104             :   else
    1105             :     { /* regular v3 quoted string */
    1106          72 :       s = count_quoted_string (string, &n, 0, &valuetype);
    1107          72 :       if (!s)
    1108             :         {
    1109           0 :           err = gpg_error (GPG_ERR_SYNTAX); /* error */
    1110           0 :           goto leave;
    1111             :         }
    1112         144 :       while (*s == ' ')
    1113           0 :         s++;
    1114          72 :       value = string;
    1115          72 :       valuelen = n;
    1116          72 :       need_escaping = 1;
    1117             :     }
    1118             : 
    1119          74 :   if (!valuelen)
    1120             :     {
    1121          10 :       err = gpg_error (GPG_ERR_SYNTAX); /* empty elements are not allowed */
    1122          10 :       goto leave;
    1123             :     }
    1124          64 :   if ( *s && *s != ',' && *s != ';' && *s != '+')
    1125             :     {
    1126           0 :       *roff = s - orig_string;
    1127           0 :       err = gpg_error (GPG_ERR_SYNTAX); /* invalid delimiter */
    1128           0 :       goto leave;
    1129             :     }
    1130          64 :   if (*s == '+') /* fixme: implement this */
    1131             :     {
    1132           0 :       *roff = s - orig_string;
    1133           0 :       *rlen = 1;
    1134           0 :       err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
    1135           0 :       goto leave;
    1136             :     }
    1137          64 :   *endp = *s? (s+1):s;
    1138             : 
    1139          64 :   if (writer)
    1140             :     { /* write out the data */
    1141             : 
    1142             :       /* need to calculate the length in advance */
    1143          14 :       n1  = _ksba_ber_count_tl (TYPE_OBJECT_ID, CLASS_UNIVERSAL, 0, oidlen);
    1144          14 :       n1 += oidlen;
    1145          14 :       n1 += _ksba_ber_count_tl (valuetype, CLASS_UNIVERSAL, 0, valuelen);
    1146          14 :       n1 += valuelen;
    1147             : 
    1148             :       /* The SET tag */
    1149          14 :       n  = _ksba_ber_count_tl (TYPE_SET, CLASS_UNIVERSAL, 1, n);
    1150          14 :       n += n1;
    1151          14 :       err = _ksba_ber_write_tl (writer, TYPE_SET, CLASS_UNIVERSAL, 1, n);
    1152             : 
    1153             :       /* The sequence tag */
    1154          14 :       n = n1;
    1155          14 :       err = _ksba_ber_write_tl (writer, TYPE_SEQUENCE, CLASS_UNIVERSAL, 1, n);
    1156             : 
    1157             :       /* the OBJECT ID */
    1158          14 :       err = _ksba_ber_write_tl (writer, TYPE_OBJECT_ID, CLASS_UNIVERSAL,
    1159             :                                 0, oidlen);
    1160          14 :       if (!err)
    1161          14 :         err = ksba_writer_write (writer, oid, oidlen);
    1162          14 :       if (err)
    1163           0 :         goto leave;
    1164             : 
    1165             :       /* the value.  Note that we don't need any conversion to the target
    1166             :          characters set because the input is expected to be utf8 and the
    1167             :          target type is either utf8, IA5 or printable string where the last
    1168             :          two are subsets of utf8 */
    1169          14 :       err = _ksba_ber_write_tl (writer, valuetype,
    1170             :                                 CLASS_UNIVERSAL, 0, valuelen);
    1171          14 :       if (!err)
    1172          28 :         err = need_escaping? write_escaped (writer, value, valuelen)
    1173          28 :           : ksba_writer_write (writer, value, valuelen);
    1174             :     }
    1175             : 
    1176             :  leave:
    1177          80 :   xfree (oidbuf);
    1178          80 :   xfree (valuebuf);
    1179          80 :   return err;
    1180             : }
    1181             : 
    1182             : 
    1183             : 
    1184             : gpg_error_t
    1185          15 : _ksba_dn_from_str (const char *string, char **rbuf, size_t *rlength)
    1186             : {
    1187             :   gpg_error_t err;
    1188             :   ksba_writer_t writer;
    1189             :   const char *s, *endp;
    1190          15 :   void *buf = NULL;
    1191             :   size_t buflen;
    1192          15 :   char const **part_array = NULL;
    1193             :   int part_array_size, nparts;
    1194             : 
    1195          15 :   *rbuf = NULL; *rlength = 0;
    1196             :   /* We are going to build the object using a writer object.  */
    1197          15 :   err = ksba_writer_new (&writer);
    1198          15 :   if (!err)
    1199          15 :     err = ksba_writer_set_mem (writer, 1024);
    1200          15 :   if (err)
    1201           0 :     return err;
    1202             : 
    1203             :   /* We must assign it in reverse order so we do it in 2 passes. */
    1204          15 :   part_array_size = 0;
    1205          55 :   for (nparts=0, s=string; s && *s;)
    1206             :     {
    1207          35 :       err = parse_rdn (s, &endp, NULL, NULL, NULL);
    1208          35 :       if (err)
    1209          10 :         goto leave;
    1210          25 :       if (nparts >= part_array_size)
    1211             :         {
    1212             :           char const **tmp;
    1213             : 
    1214          14 :           part_array_size += 2;
    1215          14 :           tmp = part_array_size? xtryrealloc (part_array,
    1216             :                                               part_array_size * sizeof *tmp)
    1217           0 :                                 : xtrymalloc (part_array_size * sizeof *tmp);
    1218          14 :           if (!tmp)
    1219             :             {
    1220           0 :               err = gpg_error (GPG_ERR_ENOMEM);
    1221           0 :               goto leave;
    1222             :             }
    1223          14 :           part_array = tmp;
    1224             :         }
    1225          25 :       part_array[nparts++] = s;
    1226          25 :       s = endp;
    1227             :     }
    1228           5 :   if (!nparts)
    1229             :     {
    1230           0 :       err = gpg_error (GPG_ERR_SYNTAX);
    1231           0 :       goto leave;
    1232             :     }
    1233             : 
    1234          24 :   while (--nparts >= 0)
    1235             :     {
    1236          14 :       err = parse_rdn (part_array[nparts], &endp, writer, NULL, NULL);
    1237          14 :       if (err)
    1238           0 :         goto leave;
    1239             :     }
    1240             : 
    1241             :   /* Now get the memory.  */
    1242           5 :   buf = ksba_writer_snatch_mem (writer, &buflen);
    1243           5 :   if (!buf)
    1244             :     {
    1245           0 :       err = gpg_error (GPG_ERR_ENOMEM);
    1246           0 :       goto leave;
    1247             :     }
    1248             :   /* Reinitialize the buffer to create the outer sequence.  */
    1249           5 :   err = ksba_writer_set_mem (writer, buflen + 10);
    1250           5 :   if (err)
    1251           0 :     goto leave;
    1252             : 
    1253             :   /* write the outer sequence */
    1254           5 :   err = _ksba_ber_write_tl (writer, TYPE_SEQUENCE,
    1255             :                             CLASS_UNIVERSAL, 1, buflen);
    1256           5 :   if (err)
    1257           0 :     goto leave;
    1258             :   /* write the collected sets */
    1259           5 :   err = ksba_writer_write (writer, buf, buflen);
    1260           5 :   if (err)
    1261           0 :     goto leave;
    1262             : 
    1263             :   /* and get the result */
    1264           5 :   *rbuf = ksba_writer_snatch_mem (writer, rlength);
    1265           5 :   if (!*rbuf)
    1266             :     {
    1267           0 :       err = gpg_error (GPG_ERR_ENOMEM);
    1268           0 :       goto leave;
    1269             :     }
    1270             : 
    1271             :  leave:
    1272          15 :   xfree (part_array);
    1273          15 :   ksba_writer_release (writer);
    1274          15 :   xfree (buf);
    1275          15 :   return err;
    1276             : }
    1277             : 
    1278             : 
    1279             : 
    1280             : gpg_error_t
    1281           0 : ksba_dn_der2str (const void *der, size_t derlen, char **rstring)
    1282             : {
    1283           0 :   return _ksba_derdn_to_str (der, derlen, rstring);
    1284             : }
    1285             : 
    1286             : 
    1287             : gpg_error_t
    1288          15 : ksba_dn_str2der (const char *string, unsigned char **rder, size_t *rderlen)
    1289             : {
    1290          15 :   return _ksba_dn_from_str (string, (char**)rder, rderlen);
    1291             : }
    1292             : 
    1293             : 
    1294             : 
    1295             : /* Assuming that STRING contains an rfc2253 encoded string, test
    1296             :    whether this string may be passed as a valid DN to libksba.  On
    1297             :    success the functions returns 0.  On error the function returns an
    1298             :    error code and stores the offset within STRING of the erroneous
    1299             :    part at RERROFF. RERRLEN will then receive the length of the
    1300             :    erroneous part.  This function is most useful to test whether a
    1301             :    symbolic name (like SN) is supported. SEQ should be passed as 0 for
    1302             :    now.  RERROFF and RERRLEN may be passed as NULL if the caller is
    1303             :    not interested at this value. */
    1304             : gpg_error_t
    1305          15 : ksba_dn_teststr (const char *string, int seq,
    1306             :                  size_t *rerroff, size_t *rerrlen)
    1307             : {
    1308             :   size_t dummy_erroff, dummy_errlen;
    1309             :   gpg_error_t err;
    1310             :   int nparts;
    1311             :   const char *s, *endp;
    1312             :   size_t off, len;
    1313             : 
    1314          15 :   if (!rerroff)
    1315           0 :     rerroff = &dummy_erroff;
    1316          15 :   if (!rerrlen)
    1317           0 :     rerrlen = &dummy_errlen;
    1318             : 
    1319          15 :   *rerrlen = *rerroff = 0;
    1320             : 
    1321          40 :   for (nparts=0, s=string; s && *s; nparts++)
    1322             :     {
    1323          35 :       err = parse_rdn (s, &endp, NULL, &off, &len);
    1324          35 :       if (err && !seq--)
    1325             :         {
    1326          10 :           *rerroff = s - string + off;
    1327          10 :           *rerrlen = len? len : strlen (s);
    1328          10 :           return err;
    1329             :         }
    1330          25 :       s = endp;
    1331             :     }
    1332           5 :   if (!nparts)
    1333           0 :     return gpg_error (GPG_ERR_SYNTAX);
    1334           5 :   return 0;
    1335             : }

Generated by: LCOV version 1.11