Line data Source code
1 : /* oid.c - Object identifier helper functions
2 : * Copyright (C) 2001, 2009, 2012 g10 Code GmbH
3 : *
4 : * This file is part of KSBA.
5 : *
6 : * KSBA is free software; you can redistribute it and/or modify
7 : * it under the terms of either
8 : *
9 : * - the GNU Lesser General Public License as published by the Free
10 : * Software Foundation; either version 3 of the License, or (at
11 : * your option) any later version.
12 : *
13 : * or
14 : *
15 : * - the GNU General Public License as published by the Free
16 : * Software Foundation; either version 2 of the License, or (at
17 : * your option) any later version.
18 : *
19 : * or both in parallel, as here.
20 : *
21 : * KSBA is distributed in the hope that it will be useful, but WITHOUT
22 : * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
23 : * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
24 : * License for more details.
25 : *
26 : * You should have received a copies of the GNU General Public License
27 : * and the GNU Lesser General Public License along with this program;
28 : * if not, see <http://www.gnu.org/licenses/>.
29 : */
30 :
31 : #include <config.h>
32 : #include <stdio.h>
33 : #include <stdlib.h>
34 : #include <string.h>
35 : #include <assert.h>
36 :
37 : #include "util.h"
38 : #include "asn1-func.h"
39 : #include "convert.h"
40 :
41 :
42 :
43 : /**
44 : * ksba_oid_to_str:
45 : * @buffer: A BER encoded OID
46 : * @length: The length of this OID
47 : *
48 : * Take a buffer with an object identifier in BER encoding and return
49 : * a string representing this OID. We do not use the ASN.1 syntax
50 : * here but delimit the arcs with dots, so it is easier to parse in
51 : * most cases. This dotted-decimal notation is also known as LDAPOID
52 : * string and described in RFC-2251.
53 : *
54 : * The function returns an empty string for an empty buffer and does
55 : * no interpretation of the OID. The caller must free the returned
56 : * string using ksba_free() or the function he has registered as a
57 : * replacement.
58 : *
59 : *
60 : * Return value: A allocated string or NULL in case of memory problem.
61 : **/
62 : char *
63 55 : ksba_oid_to_str (const char *buffer, size_t length)
64 : {
65 55 : const unsigned char *buf = buffer;
66 : char *string, *p;
67 55 : int n = 0;
68 : unsigned long val, valmask;
69 :
70 55 : valmask = (unsigned long)0xfe << (8 * (sizeof (valmask) - 1));
71 :
72 : /* To calculate the length of the string we can safely assume an
73 : upper limit of 3 decimal characters per byte. Two extra bytes
74 : account for the special first octect */
75 55 : string = p = xtrymalloc (length*(1+3)+2+1);
76 55 : if (!string)
77 0 : return NULL;
78 55 : if (!length)
79 : {
80 1 : *p = 0;
81 1 : return string;
82 : }
83 :
84 54 : if (buf[0] < 40)
85 2 : p += sprintf (p, "0.%d", buf[n]);
86 52 : else if (buf[0] < 80)
87 11 : p += sprintf (p, "1.%d", buf[n]-40);
88 : else {
89 41 : val = buf[n] & 0x7f;
90 88 : while ( (buf[n]&0x80) && ++n < length )
91 : {
92 6 : if ( (val & valmask) )
93 0 : goto badoid; /* Overflow. */
94 6 : val <<= 7;
95 6 : val |= buf[n] & 0x7f;
96 : }
97 41 : if (val < 80)
98 2 : goto badoid;
99 39 : val -= 80;
100 39 : sprintf (p, "2.%lu", val);
101 39 : p += strlen (p);
102 : }
103 219 : for (n++; n < length; n++)
104 : {
105 167 : val = buf[n] & 0x7f;
106 398 : while ( (buf[n]&0x80) && ++n < length )
107 : {
108 64 : if ( (val & valmask) )
109 0 : goto badoid; /* Overflow. */
110 64 : val <<= 7;
111 64 : val |= buf[n] & 0x7f;
112 : }
113 167 : sprintf (p, ".%lu", val);
114 167 : p += strlen (p);
115 : }
116 :
117 52 : *p = 0;
118 52 : return string;
119 :
120 : badoid:
121 : /* Return a special OID (gnu.gnupg.badoid) to indicate the error
122 : case. The OID is broken and thus we return one which can't do
123 : any harm. Formally this does not need to be a bad OID but an OID
124 : with an arc that can't be represented in a 32 bit word is more
125 : than likely corrupt. */
126 2 : xfree (string);
127 2 : return xtrystrdup ("1.3.6.1.4.1.11591.2.12242973");
128 : }
129 :
130 :
131 : /* Take the OID at NODE and return it in string format */
132 : char *
133 20 : _ksba_oid_node_to_str (const unsigned char *image, AsnNode node)
134 : {
135 20 : if (!node || node->type != TYPE_OBJECT_ID || node->off == -1)
136 0 : return NULL;
137 20 : return ksba_oid_to_str (image+node->off + node->nhdr, node->len);
138 : }
139 :
140 :
141 :
142 : static size_t
143 0 : make_flagged_int (unsigned long value, char *buf, size_t buflen)
144 : {
145 0 : int more = 0;
146 : int shift;
147 :
148 : /* fixme: figure out the number of bits in an ulong and start with
149 : that value as shift (after making it a multiple of 7) a more
150 : straigtforward implementation is to do it in reverse order using
151 : a temporary buffer - saves a lot of compares */
152 0 : for (more=0, shift=28; shift > 0; shift -= 7)
153 : {
154 0 : if (more || value >= (1<<shift))
155 : {
156 0 : buf[buflen++] = 0x80 | (value >> shift);
157 0 : value -= (value >> shift) << shift;
158 0 : more = 1;
159 : }
160 : }
161 0 : buf[buflen++] = value;
162 0 : return buflen;
163 : }
164 :
165 :
166 : /**
167 : * ksba_oid_from_str:
168 : * @string: A string with the OID in dotted decimal form
169 : * @rbuf: Returns the DER encoded OID
170 : * @rlength: and its length
171 : *
172 : * Convertes the OID given in dotted decimal form to an DER encoding
173 : * and returns it in allocated buffer rbuf and its length in rlength.
174 : * rbuf is set to NULL in case of an error is returned.
175 : * Scanning stops at the first white space.
176 :
177 : * The caller must free the returned buffer using ksba_free() or the
178 : * function he has registered as a replacement.
179 : *
180 : * Return value: 0 on success or an error value
181 : **/
182 : gpg_error_t
183 0 : ksba_oid_from_str (const char *string, unsigned char **rbuf, size_t *rlength)
184 : {
185 : unsigned char *buf;
186 : size_t buflen;
187 : unsigned long val1, val;
188 : const char *endp;
189 : int arcno;
190 :
191 0 : if (!string || !rbuf || !rlength)
192 0 : return gpg_error (GPG_ERR_INV_VALUE);
193 0 : *rbuf = NULL;
194 0 : *rlength = 0;
195 :
196 : /* we allow the OID to be prefixed with either "oid." or "OID." */
197 0 : if ( !strncmp (string, "oid.", 4) || !strncmp (string, "OID.", 4))
198 0 : string += 4;
199 :
200 0 : if (!*string)
201 0 : return gpg_error (GPG_ERR_INV_VALUE);
202 :
203 : /* we can safely assume that the encoded OID is shorter than the string */
204 0 : buf = xtrymalloc ( strlen(string) + 2);
205 0 : if (!buf)
206 0 : return gpg_error (GPG_ERR_ENOMEM);
207 0 : buflen = 0;
208 :
209 0 : val1 = 0; /* avoid compiler warnings */
210 0 : arcno = 0;
211 : do {
212 0 : arcno++;
213 0 : val = strtoul (string, (char**)&endp, 10);
214 0 : if (!digitp (string) || !(*endp == '.' || !*endp))
215 : {
216 0 : xfree (buf);
217 0 : return gpg_error (GPG_ERR_INV_OID_STRING);
218 : }
219 0 : if (*endp == '.')
220 0 : string = endp+1;
221 :
222 0 : if (arcno == 1)
223 : {
224 0 : if (val > 2)
225 0 : break; /* not allowed, error catched below */
226 0 : val1 = val;
227 : }
228 0 : else if (arcno == 2)
229 : { /* need to combine the first to arcs in one octet */
230 0 : if (val1 < 2)
231 : {
232 0 : if (val > 39)
233 : {
234 0 : xfree (buf);
235 0 : return gpg_error (GPG_ERR_INV_OID_STRING);
236 : }
237 0 : buf[buflen++] = val1*40 + val;
238 : }
239 : else
240 : {
241 0 : val += 80;
242 0 : buflen = make_flagged_int (val, buf, buflen);
243 : }
244 : }
245 : else
246 : {
247 0 : buflen = make_flagged_int (val, buf, buflen);
248 : }
249 0 : } while (*endp == '.');
250 :
251 0 : if (arcno == 1)
252 : { /* it is not possible to encode only the first arc */
253 0 : xfree (buf);
254 0 : return gpg_error (GPG_ERR_INV_OID_STRING);
255 : }
256 :
257 0 : *rbuf = buf;
258 0 : *rlength = buflen;
259 0 : return 0;
260 : }
261 :
262 :
263 : /* Convert the string in BUFFER which is of length BUFLEN to its DER
264 : encoding and returns it in a new allocated buffer RBUF and its
265 : length in RLENGTH. RBUF is set to NULL if an error is returned.
266 : The caller must free the returned buffer using ksba_free() or the
267 : function he has registered as a replacement. */
268 : gpg_error_t
269 0 : _ksba_oid_from_buf (const void *buffer, size_t buflen,
270 : unsigned char **rbuf, size_t *rlength)
271 : {
272 : gpg_error_t err;
273 : char *string;
274 :
275 0 : string = xtrymalloc (buflen+1);
276 0 : if (!string)
277 : {
278 0 : *rbuf = NULL;
279 0 : *rlength = 0;
280 0 : return gpg_error_from_syserror ();
281 : }
282 0 : memcpy (string, buffer, buflen);
283 0 : string[buflen] = 0;
284 0 : err = ksba_oid_from_str (string, rbuf, rlength);
285 0 : xfree (string);
286 0 : return err;
287 : }
|
