1*2139Sjp161948 /* asn1_gen.c */
2*2139Sjp161948 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3*2139Sjp161948 * project 2002.
4*2139Sjp161948 */
5*2139Sjp161948 /* ====================================================================
6*2139Sjp161948 * Copyright (c) 2002 The OpenSSL Project. All rights reserved.
7*2139Sjp161948 *
8*2139Sjp161948 * Redistribution and use in source and binary forms, with or without
9*2139Sjp161948 * modification, are permitted provided that the following conditions
10*2139Sjp161948 * are met:
11*2139Sjp161948 *
12*2139Sjp161948 * 1. Redistributions of source code must retain the above copyright
13*2139Sjp161948 * notice, this list of conditions and the following disclaimer.
14*2139Sjp161948 *
15*2139Sjp161948 * 2. Redistributions in binary form must reproduce the above copyright
16*2139Sjp161948 * notice, this list of conditions and the following disclaimer in
17*2139Sjp161948 * the documentation and/or other materials provided with the
18*2139Sjp161948 * distribution.
19*2139Sjp161948 *
20*2139Sjp161948 * 3. All advertising materials mentioning features or use of this
21*2139Sjp161948 * software must display the following acknowledgment:
22*2139Sjp161948 * "This product includes software developed by the OpenSSL Project
23*2139Sjp161948 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24*2139Sjp161948 *
25*2139Sjp161948 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26*2139Sjp161948 * endorse or promote products derived from this software without
27*2139Sjp161948 * prior written permission. For written permission, please contact
28*2139Sjp161948 * licensing@OpenSSL.org.
29*2139Sjp161948 *
30*2139Sjp161948 * 5. Products derived from this software may not be called "OpenSSL"
31*2139Sjp161948 * nor may "OpenSSL" appear in their names without prior written
32*2139Sjp161948 * permission of the OpenSSL Project.
33*2139Sjp161948 *
34*2139Sjp161948 * 6. Redistributions of any form whatsoever must retain the following
35*2139Sjp161948 * acknowledgment:
36*2139Sjp161948 * "This product includes software developed by the OpenSSL Project
37*2139Sjp161948 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38*2139Sjp161948 *
39*2139Sjp161948 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40*2139Sjp161948 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41*2139Sjp161948 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42*2139Sjp161948 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43*2139Sjp161948 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44*2139Sjp161948 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45*2139Sjp161948 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46*2139Sjp161948 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47*2139Sjp161948 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48*2139Sjp161948 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49*2139Sjp161948 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50*2139Sjp161948 * OF THE POSSIBILITY OF SUCH DAMAGE.
51*2139Sjp161948 * ====================================================================
52*2139Sjp161948 *
53*2139Sjp161948 * This product includes cryptographic software written by Eric Young
54*2139Sjp161948 * (eay@cryptsoft.com). This product includes software written by Tim
55*2139Sjp161948 * Hudson (tjh@cryptsoft.com).
56*2139Sjp161948 *
57*2139Sjp161948 */
58*2139Sjp161948
#include <limits.h>

#include "cryptlib.h"
#include <openssl/asn1.h>
#include <openssl/x509v3.h>
62*2139Sjp161948
/*
 * Modifier codes returned by asn1_str2tag(). Each one carries the
 * ASN1_GEN_FLAG bit, which asn1_cb() tests to tell a modifier keyword
 * apart from a V_ASN1_* type value.
 */
#define ASN1_GEN_FLAG 0x10000
#define ASN1_GEN_FLAG_IMP (ASN1_GEN_FLAG|1)
#define ASN1_GEN_FLAG_EXP (ASN1_GEN_FLAG|2)
#define ASN1_GEN_FLAG_TAG (ASN1_GEN_FLAG|3)
#define ASN1_GEN_FLAG_BITWRAP (ASN1_GEN_FLAG|4)
#define ASN1_GEN_FLAG_OCTWRAP (ASN1_GEN_FLAG|5)
#define ASN1_GEN_FLAG_SEQWRAP (ASN1_GEN_FLAG|6)
#define ASN1_GEN_FLAG_SETWRAP (ASN1_GEN_FLAG|7)
#define ASN1_GEN_FLAG_FORMAT (ASN1_GEN_FLAG|8)

/*
 * Initialiser for one struct tag_name_st entry: the keyword, its length
 * without the terminating NUL, and the value it maps to. str must be a
 * string literal because sizeof is applied to it.
 */
#define ASN1_GEN_STR(str,val) {str, sizeof(str) - 1, val}

/*
 * Capacity of tag_exp_arg.exp_list; append_exp() refuses to add an entry
 * once exp_count has reached this value.
 */
#define ASN1_FLAG_EXP_MAX 20

/* Input formats */

/* ASCII: default */
#define ASN1_GEN_FORMAT_ASCII 1
/* UTF8 */
#define ASN1_GEN_FORMAT_UTF8 2
/* Hex */
#define ASN1_GEN_FORMAT_HEX 3
/* List of bits */
#define ASN1_GEN_FORMAT_BITLIST 4
87*2139Sjp161948
88*2139Sjp161948
/* One entry of the keyword table searched by asn1_str2tag(). */
struct tag_name_st
{
    /* Keyword as it is written in the input string */
    const char *strnam;
    /* Length of strnam without the terminating NUL (see ASN1_GEN_STR) */
    int len;
    /* V_ASN1_* type value or ASN1_GEN_FLAG_* modifier code */
    int tag;
};

/*
 * One wrapper header that ASN1_generate_v3() writes in front of the base
 * encoding. Entries are filled in by append_exp().
 */
typedef struct
{
    /* Tag number and class passed to ASN1_put_object() for this wrapper */
    int exp_tag;
    int exp_class;
    /* Constructed flag passed to ASN1_put_object() */
    int exp_constructed;
    /*
     * Added to the content length; when non-zero a single zero octet is
     * written after the header (asn1_cb() passes 1 for BITWRAP only).
     */
    int exp_pad;
    /* Content length of this wrapper, computed in ASN1_generate_v3() */
    long exp_len;
} tag_exp_type;

/* Parse state shared between ASN1_generate_v3() and the asn1_cb() callback. */
typedef struct
{
    /* Pending IMPLICIT tag and class; both are -1 when none is pending */
    int imp_tag;
    int imp_class;
    /* Base type selected by the first non-modifier keyword */
    int utype;
    /* One of the ASN1_GEN_FORMAT_* input formats */
    int format;
    /*
     * Value text following the ':' of the base type, or NULL when there is
     * none. It points into the caller's string and is not copied.
     */
    const char *str;
    /* Wrapper headers in the order they were requested, outermost first */
    tag_exp_type exp_list[ASN1_FLAG_EXP_MAX];
    /* Number of valid entries in exp_list */
    int exp_count;
} tag_exp_arg;
115*2139Sjp161948
/*
 * Forward declarations of the file-local helpers defined below. The two
 * callbacks (bitstr_cb, asn1_cb) are passed to CONF_parse_list() and
 * receive their state through the untyped third argument.
 */
static int bitstr_cb(const char *elem, int len, void *bitstr);
static int asn1_cb(const char *elem, int len, void *bitstr);
static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_constructed, int exp_pad, int imp_ok);
static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass);
static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf);
static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);
static int asn1_str2tag(const char *tagstr, int len);
123*2139Sjp161948
/*
 * Generate an ASN1_TYPE from the description in str, using nconf as the
 * configuration database.
 *
 * When nconf is NULL no X509V3 context is built and ASN1_generate_v3() is
 * called with a NULL context; otherwise a stack-local context wrapping
 * nconf is passed. Returns whatever ASN1_generate_v3() returns.
 */
ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf)
{
    X509V3_CTX ctx;
    X509V3_CTX *ctx_arg = NULL;

    if (nconf != NULL) {
        /* ctx only has to outlive the call below */
        X509V3_set_nconf(&ctx, nconf);
        ctx_arg = &ctx;
    }

    return ASN1_generate_v3(str, ctx_arg);
}
134*2139Sjp161948
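/*
 * Generate an ASN1_TYPE from the textual description in str.
 *
 * str is a comma separated list: zero or more modifiers (tagging,
 * wrappers, input format) followed by a type keyword and, where the type
 * takes one, a ':' and a value. cnf is needed only for SEQUENCE and SET,
 * whose value names the configuration section listing the members.
 *
 * Returns a new ASN1_TYPE, which the caller releases with
 * ASN1_TYPE_free(), or NULL on error.
 */
ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
{
    ASN1_TYPE *ret;
    tag_exp_arg asn1_tags;
    tag_exp_type *etmp;

    int i, len;

    unsigned char *orig_der = NULL, *new_der = NULL;
    const unsigned char *cpy_start;
    unsigned char *p;
    const unsigned char *cp;
    int cpy_len;
    long hdr_len = 0;
    int hdr_constructed = 0, hdr_tag, hdr_class;
    int r;

    asn1_tags.imp_tag = -1;
    asn1_tags.imp_class = -1;
    asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
    asn1_tags.exp_count = 0;
    /*
     * Only a zero result is accepted. asn1_cb() returns 0 after it has
     * stored the base type and value, so utype and str should be set on
     * this path (assumes CONF_parse_list() passes the callback's result
     * through -- confirm against its implementation).
     */
    if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0)
        return NULL;

    if ((asn1_tags.utype == V_ASN1_SEQUENCE) || (asn1_tags.utype == V_ASN1_SET)) {
        if (!cnf) {
            ASN1err(ASN1_F_ASN1_GENERATE_V3, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG);
            return NULL;
        }
        ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf);
    } else
        ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype);

    if (!ret)
        return NULL;

    /* If no tagging return base type */
    if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0))
        return ret;

    /* Generate the encoding */
    cpy_len = i2d_ASN1_TYPE(ret, &orig_der);
    ASN1_TYPE_free(ret);
    ret = NULL;
    /* Without an encoding there is nothing to re-tag or copy */
    if (cpy_len < 0 || orig_der == NULL)
        goto err;
    /* Set point to start copying for modified encoding */
    cpy_start = orig_der;

    /* Do we need IMPLICIT tagging? */
    if (asn1_tags.imp_tag != -1) {
        /* If IMPLICIT we will replace the underlying tag */
        /* Skip existing tag+len */
        r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class, cpy_len);
        if (r & 0x80)
            goto err;
        /* Update copy length */
        cpy_len -= cpy_start - orig_der;
        /*
         * For IMPLICIT tagging the length should match the original
         * length and constructed flag should be consistent.
         */
        if (r & 0x1) {
            /* Indefinite length constructed */
            hdr_constructed = 2;
            hdr_len = 0;
        } else
            /* Just retain constructed flag */
            hdr_constructed = r & V_ASN1_CONSTRUCTED;
        /*
         * Work out new length with IMPLICIT tag: ignore constructed
         * because it will mess up if indefinite length
         */
        len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag);
    } else
        len = cpy_len;

    /*
     * Work out length in any EXPLICIT, starting from end. The list is
     * walked by index so that no pointer before the start of exp_list is
     * formed when exp_count is 0.
     */
    for (i = asn1_tags.exp_count - 1; i >= 0; i--) {
        etmp = &asn1_tags.exp_list[i];
        /* Content length: number of content octets + any padding */
        len += etmp->exp_pad;
        etmp->exp_len = len;
        /* Total object length: length including new header */
        len = ASN1_object_size(0, len, etmp->exp_tag);
    }

    if (len <= 0)
        goto err;

    /* Allocate buffer for new encoding */
    new_der = OPENSSL_malloc(len);
    if (!new_der) {
        /* p would otherwise be NULL and every write below would fault */
        ASN1err(ASN1_F_ASN1_GENERATE_V3, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    /* Generate tagged encoding */
    p = new_der;

    /* Output explicit tags first */
    for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count; i++, etmp++) {
        ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,
                        etmp->exp_tag, etmp->exp_class);
        if (etmp->exp_pad)
            *p++ = 0;
    }

    /* If IMPLICIT, output tag */
    if (asn1_tags.imp_tag != -1)
        ASN1_put_object(&p, hdr_constructed, hdr_len,
                        asn1_tags.imp_tag, asn1_tags.imp_class);

    /*
     * The headers written so far plus cpy_len should add up to len. Refuse
     * to copy if they do not: in the indefinite-length branch above
     * hdr_len is forced to 0 while cpy_len still counts the content
     * octets, so len would presumably be too small for the copy.
     */
    if (cpy_len < 0 || (long)cpy_len > (long)len - (long)(p - new_der))
        goto err;

    /* Copy across original encoding */
    memcpy(p, cpy_start, cpy_len);

    cp = new_der;

    /* Obtain new ASN1_TYPE structure */
    ret = d2i_ASN1_TYPE(NULL, &cp, len);

 err:
    if (orig_der)
        OPENSSL_free(orig_der);
    if (new_der)
        OPENSSL_free(new_der);

    return ret;
}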
268*2139Sjp161948
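/*
 * CONF_parse_list() callback: handle one comma separated element of the
 * generation string.
 *
 * elem/len delimit the element (elem is not NUL terminated at len) and
 * bitstr is the tag_exp_arg being filled in. An element is either a
 * modifier ("name" or "name:value") or the base type with its value.
 *
 * Returns 1 after a modifier so that parsing continues, 0 after the base
 * type has been stored, and -1 on error.
 */
static int asn1_cb(const char *elem, int len, void *bitstr)
{
    tag_exp_arg *arg = bitstr;
    int i;
    int utype;
    int vlen = 0;
    const char *p, *vstart = NULL;

    int tmp_tag, tmp_class;

    for (i = 0, p = elem; i < len; p++, i++) {
        /* Look for the ':' in name value pairs */
        if (*p == ':') {
            vstart = p + 1;
            vlen = len - (vstart - elem);
            len = p - elem;
            break;
        }
    }

    utype = asn1_str2tag(elem, len);

    if (utype == -1) {
        ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG);
        /*
         * elem is not terminated at len, so the error data carries the
         * rest of the input string as well as the unknown keyword.
         */
        ERR_add_error_data(2, "tag=", elem);
        return -1;
    }

    /* If this is not a modifier mark end of string and exit */
    if (!(utype & ASN1_GEN_FLAG)) {
        arg->utype = utype;
        arg->str = vstart;
        /* If no value and not end of string, error */
        if (!vstart && elem[len]) {
            ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE);
            return -1;
        }
        return 0;
    }

    switch (utype) {

    case ASN1_GEN_FLAG_IMP:
        /* Check for illegal multiple IMPLICIT tagging */
        if (arg->imp_tag != -1) {
            ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING);
            return -1;
        }
        if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class))
            return -1;
        break;

    case ASN1_GEN_FLAG_EXP:
        if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))
            return -1;
        if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0))
            return -1;
        break;

    case ASN1_GEN_FLAG_SEQWRAP:
        if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))
            return -1;
        break;

    case ASN1_GEN_FLAG_SETWRAP:
        if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))
            return -1;
        break;

    case ASN1_GEN_FLAG_BITWRAP:
        if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))
            return -1;
        break;

    case ASN1_GEN_FLAG_OCTWRAP:
        if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1))
            return -1;
        break;

    case ASN1_GEN_FLAG_FORMAT:
        /*
         * "FORMAT" or "FORM" written without a ':' leaves vstart NULL;
         * reject it here instead of handing NULL to strncmp().
         */
        if (!vstart) {
            ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
            return -1;
        }
        if (!strncmp(vstart, "ASCII", 5))
            arg->format = ASN1_GEN_FORMAT_ASCII;
        else if (!strncmp(vstart, "UTF8", 4))
            arg->format = ASN1_GEN_FORMAT_UTF8;
        else if (!strncmp(vstart, "HEX", 3))
            arg->format = ASN1_GEN_FORMAT_HEX;
        /*
         * NOTE(review): only the first 3 characters are compared, so any
         * value starting with "BIT" selects BITLIST. Kept as is because
         * existing configuration may rely on it; confirm before tightening
         * the length to 7.
         */
        else if (!strncmp(vstart, "BITLIST", 3))
            arg->format = ASN1_GEN_FORMAT_BITLIST;
        else {
            ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
            return -1;
        }
        break;

    }

    return 1;
}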
377*2139Sjp161948
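/*
 * Parse the value of an IMPLICIT or EXPLICIT modifier: a decimal tag
 * number optionally followed by one class letter (U, A, P or C).
 *
 * vstart/vlen delimit the value text; vstart may be NULL when the
 * modifier had no ':'. On success *ptag receives the tag number and
 * *pclass the class, which defaults to context specific when no letter is
 * present.
 *
 * Returns 1 on success and 0 on error.
 */
static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
{
    char erch[2];
    long tag_num;
    char *eptr;

    if (!vstart)
        return 0;
    tag_num = strtoul(vstart, &eptr, 10);
    /* Check we haven't gone past max length: should be impossible */
    if (eptr && *eptr && (eptr > vstart + vlen))
        return 0;
    /*
     * The tag is stored in an int. Reject anything that does not fit
     * rather than letting the assignment below truncate it to a different
     * tag number; the negative test also catches strtoul() results above
     * LONG_MAX.
     */
    if (tag_num < 0 || tag_num > INT_MAX) {
        ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER);
        return 0;
    }
    *ptag = (int)tag_num;
    /* If we have non numeric characters, parse them */
    if (eptr)
        vlen -= eptr - vstart;
    else
        vlen = 0;
    if (vlen) {
        switch (*eptr) {

        case 'U':
            *pclass = V_ASN1_UNIVERSAL;
            break;

        case 'A':
            *pclass = V_ASN1_APPLICATION;
            break;

        case 'P':
            *pclass = V_ASN1_PRIVATE;
            break;

        case 'C':
            *pclass = V_ASN1_CONTEXT_SPECIFIC;
            break;

        default:
            /* Report the offending character as a one-character string */
            erch[0] = *eptr;
            erch[1] = 0;
            ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER);
            ERR_add_error_data(2, "Char=", erch);
            return 0;

        }
    } else
        *pclass = V_ASN1_CONTEXT_SPECIFIC;

    return 1;
}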
437*2139Sjp161948
438*2139Sjp161948 /* Handle multiple types: SET and SEQUENCE */
439*2139Sjp161948
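/*
 * Build a SEQUENCE or SET from a configuration section.
 *
 * utype is V_ASN1_SEQUENCE or V_ASN1_SET. section names the section whose
 * values are each passed to ASN1_generate_v3() to produce one member; a
 * NULL section yields an empty SEQUENCE/SET. cnf is the context used to
 * look the section up.
 *
 * Returns a new ASN1_TYPE holding the encoding, or NULL on error.
 *
 * NOTE(review): members are generated by calling ASN1_generate_v3(), which
 * calls back into this function for nested SEQUENCE/SET values. Nothing in
 * the code shown limits the nesting depth, so a section that refers back
 * to itself would recurse until the stack is exhausted. A depth limit
 * needs a parameter this signature does not have.
 */
static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
{
    ASN1_TYPE *ret = NULL, *typ = NULL;
    STACK_OF(ASN1_TYPE) *sk = NULL;
    STACK_OF(CONF_VALUE) *sect = NULL;
    unsigned char *der = NULL, *p;
    int derlen;
    int i, is_set;

    sk = sk_ASN1_TYPE_new_null();
    if (!sk)
        goto bad;
    if (section) {
        if (!cnf)
            goto bad;
        sect = X509V3_get_section(cnf, (char *)section);
        if (!sect)
            goto bad;
        for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
            typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf);
            if (!typ)
                goto bad;
            /* On failure typ is still owned here and is freed at bad */
            if (!sk_ASN1_TYPE_push(sk, typ))
                goto bad;
            typ = NULL;
        }
    }

    /* Now we have a STACK of the components, convert to the correct form */

    is_set = (utype == V_ASN1_SET) ? 1 : 0;

    /* First call only measures the encoding */
    derlen = i2d_ASN1_SET_OF_ASN1_TYPE(sk, NULL, i2d_ASN1_TYPE, utype,
                                       V_ASN1_UNIVERSAL, is_set);
    if (derlen <= 0)
        goto bad;
    der = OPENSSL_malloc(derlen);
    if (!der)
        goto bad;
    p = der;
    i2d_ASN1_SET_OF_ASN1_TYPE(sk, &p, i2d_ASN1_TYPE, utype,
                              V_ASN1_UNIVERSAL, is_set);

    if (!(ret = ASN1_TYPE_new()))
        goto bad;

    if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype))) {
        /* Do not hand a half-built object back to the caller */
        ASN1_TYPE_free(ret);
        ret = NULL;
        goto bad;
    }

    ret->type = utype;

    /* The string takes ownership of der */
    ret->value.asn1_string->data = der;
    ret->value.asn1_string->length = derlen;

    der = NULL;

 bad:

    if (der)
        OPENSSL_free(der);

    if (sk)
        sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
    if (typ)
        ASN1_TYPE_free(typ);
    if (sect)
        X509V3_section_free(cnf, sect);

    return ret;
}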
508*2139Sjp161948
/*
 * Record one more wrapper header in arg->exp_list.
 *
 * exp_tag/exp_class are the tag and class to use unless an IMPLICIT tag is
 * pending, in which case the pending tag replaces them and is cleared.
 * imp_ok says whether a pending IMPLICIT tag is allowed for this wrapper.
 * exp_constructed and exp_pad are stored unchanged.
 *
 * Returns 1 on success, 0 if an IMPLICIT tag is pending but not allowed or
 * if the list already holds ASN1_FLAG_EXP_MAX entries.
 */
static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_constructed, int exp_pad, int imp_ok)
{
    tag_exp_type *slot;
    int have_implicit = (arg->imp_tag != -1);

    /* Can only have IMPLICIT if permitted */
    if (have_implicit && !imp_ok) {
        ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG);
        return 0;
    }

    /* This bound is what keeps the write below inside exp_list */
    if (arg->exp_count == ASN1_FLAG_EXP_MAX) {
        ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED);
        return 0;
    }

    slot = &arg->exp_list[arg->exp_count];
    arg->exp_count++;

    slot->exp_constructed = exp_constructed;
    slot->exp_pad = exp_pad;

    if (!have_implicit) {
        slot->exp_tag = exp_tag;
        slot->exp_class = exp_class;
        return 1;
    }

    /* The pending IMPLICIT tag is consumed by this wrapper */
    slot->exp_tag = arg->imp_tag;
    slot->exp_class = arg->imp_class;
    arg->imp_tag = -1;
    arg->imp_class = -1;

    return 1;
}
547*2139Sjp161948
548*2139Sjp161948
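/*
 * Map a keyword to its V_ASN1_* type value or ASN1_GEN_FLAG_* modifier
 * code.
 *
 * tagstr need not be NUL terminated when len gives its length; pass
 * len == -1 to have the length taken with strlen(). The comparison is
 * exact and case sensitive.
 *
 * Returns the mapped value, or -1 if the keyword is not in the table.
 */
static int asn1_str2tag(const char *tagstr, int len)
{
    /*
     * The table is read-only and the cursor is a plain local: the original
     * declared the cursor static as well, which made every call write to
     * shared state.
     */
    static const struct tag_name_st tnst[] = {
        ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),
        ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),
        ASN1_GEN_STR("NULL", V_ASN1_NULL),
        ASN1_GEN_STR("INT", V_ASN1_INTEGER),
        ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER),
        ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED),
        ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED),
        ASN1_GEN_STR("OID", V_ASN1_OBJECT),
        ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT),
        ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME),
        ASN1_GEN_STR("UTC", V_ASN1_UTCTIME),
        ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME),
        ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME),
        ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING),
        ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING),
        ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING),
        ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING),
        ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING),
        ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING),
        ASN1_GEN_STR("IA5", V_ASN1_IA5STRING),
        ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING),
        ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING),
        ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING),
        ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING),
        ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING),
        ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING),
        ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING),
        ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING),
        ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING),
        ASN1_GEN_STR("T61", V_ASN1_T61STRING),
        ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING),
        ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING),
        ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING),
        ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING),

        /* Special cases */
        ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE),
        ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE),
        ASN1_GEN_STR("SET", V_ASN1_SET),
        /* type modifiers */
        /* Explicit tag */
        ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP),
        ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP),
        /* Implicit tag */
        ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP),
        ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP),
        /* OCTET STRING wrapper */
        ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP),
        /* SEQUENCE wrapper */
        ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP),
        /* SET wrapper */
        ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP),
        /* BIT STRING wrapper */
        ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP),
        /* Input format selector */
        ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT),
        ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT),
    };
    const struct tag_name_st *tntmp;
    size_t i;

    if (len == -1)
        len = (int)strlen(tagstr);

    for (i = 0, tntmp = tnst; i < sizeof(tnst) / sizeof(tnst[0]); i++, tntmp++) {
        /* Length must match first so that "INT" does not match "INTEGER" */
        if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len))
            return tntmp->tag;
    }

    return -1;
}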
623*2139Sjp161948
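/*
 * Build an ASN1_TYPE of a primitive type from its textual value.
 *
 * str is the value text (NULL is treated as the empty string), format is
 * one of the ASN1_GEN_FORMAT_* values and utype the V_ASN1_* type to
 * create. Which formats are accepted depends on the type.
 *
 * Returns a new ASN1_TYPE, or NULL on error with an error queued; errors
 * that concern the value itself also add the offending string as error
 * data.
 */
static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
{
    ASN1_TYPE *atmp = NULL;

    CONF_VALUE vtmp;

    unsigned char *rdata;
    long rdlen;

    int no_unused = 1;

    if (!(atmp = ASN1_TYPE_new())) {
        ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    if (!str)
        str = "";

    switch (utype) {

    case V_ASN1_NULL:
        /* NULL takes no value */
        if (*str) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE);
            goto bad_form;
        }
        break;

    case V_ASN1_BOOLEAN:
        if (format != ASN1_GEN_FORMAT_ASCII) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
            goto bad_form;
        }
        /*
         * vtmp is an automatic variable: clear the fields that are not
         * otherwise set, in case X509V3_get_value_bool() reads them when
         * it reports a bad value (presumably for its error data).
         */
        vtmp.section = NULL;
        vtmp.name = NULL;
        vtmp.value = (char *)str;
        if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN);
            goto bad_str;
        }
        break;

    case V_ASN1_INTEGER:
    case V_ASN1_ENUMERATED:
        if (format != ASN1_GEN_FORMAT_ASCII) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT);
            goto bad_form;
        }
        if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
            goto bad_str;
        }
        break;

    case V_ASN1_OBJECT:
        if (format != ASN1_GEN_FORMAT_ASCII) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT);
            goto bad_form;
        }
        if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
            goto bad_str;
        }
        break;

    case V_ASN1_UTCTIME:
    case V_ASN1_GENERALIZEDTIME:
        if (format != ASN1_GEN_FORMAT_ASCII) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT);
            goto bad_form;
        }
        if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
            goto bad_str;
        }
        if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
            goto bad_str;
        }
        /* The type must be set before the syntax check below */
        atmp->value.asn1_string->type = utype;
        if (!ASN1_TIME_check(atmp->value.asn1_string)) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE);
            goto bad_str;
        }
        break;

    case V_ASN1_BMPSTRING:
    case V_ASN1_PRINTABLESTRING:
    case V_ASN1_IA5STRING:
    case V_ASN1_T61STRING:
    case V_ASN1_UTF8STRING:
    case V_ASN1_VISIBLESTRING:
    case V_ASN1_UNIVERSALSTRING:
    case V_ASN1_GENERALSTRING:

        /* Translate the input format into the MBSTRING_* value */
        if (format == ASN1_GEN_FORMAT_ASCII)
            format = MBSTRING_ASC;
        else if (format == ASN1_GEN_FORMAT_UTF8)
            format = MBSTRING_UTF8;
        else {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT);
            goto bad_form;
        }

        if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str,
                               -1, format, ASN1_tag2bit(utype)) <= 0) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
            goto bad_str;
        }

        break;

    case V_ASN1_BIT_STRING:

    case V_ASN1_OCTET_STRING:

        if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
            goto bad_form;
        }

        if (format == ASN1_GEN_FORMAT_HEX) {

            if (!(rdata = string_to_hex((char *)str, &rdlen))) {
                ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX);
                goto bad_str;
            }

            /* The string takes ownership of the decoded buffer */
            atmp->value.asn1_string->data = rdata;
            atmp->value.asn1_string->length = rdlen;
            atmp->value.asn1_string->type = utype;

        } else if (format == ASN1_GEN_FORMAT_ASCII) {
            /*
             * A failed copy used to be ignored, which returned an object
             * without the requested contents.
             */
            if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {
                ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
                goto bad_str;
            }
        } else if ((format == ASN1_GEN_FORMAT_BITLIST) && (utype == V_ASN1_BIT_STRING)) {
            if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value.bit_string)) {
                ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR);
                goto bad_str;
            }
            /* The bit list path leaves the string flags untouched */
            no_unused = 0;

        } else {
            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_FORMAT);
            goto bad_form;
        }

        if ((utype == V_ASN1_BIT_STRING) && no_unused) {
            /* Clear the low three flag bits, then set BITS_LEFT */
            atmp->value.asn1_string->flags
                &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
            atmp->value.asn1_string->flags
                |= ASN1_STRING_FLAG_BITS_LEFT;
        }

        break;

    default:
        ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE);
        goto bad_str;
    }

    atmp->type = utype;
    return atmp;

 bad_str:
    /* Value errors also record the offending text */
    ERR_add_error_data(2, "string=", str);
 bad_form:

    ASN1_TYPE_free(atmp);
    return NULL;
}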
824*2139Sjp161948
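/*
 * CONF_parse_list() callback for the BITLIST format: parse one decimal
 * bit number and set that bit in the BIT STRING passed as bitstr.
 *
 * Returns 1 on success and 0 on error.
 *
 * NOTE(review): the bit number itself is not capped beyond fitting in an
 * int, and ASN1_BIT_STRING_set_bit() presumably grows the string to hold
 * it, so one large number in the list can request a large allocation.
 * Callers that accept this text from less trusted sources may want their
 * own limit.
 */
static int bitstr_cb(const char *elem, int len, void *bitstr)
{
    long bitnum;
    char *eptr;

    if (!elem)
        return 0;
    bitnum = strtoul(elem, &eptr, 10);
    /* Anything other than digits up to the end of the element is an error */
    if (eptr && *eptr && (eptr != elem + len))
        return 0;
    /*
     * The bit number is passed on as an int; reject values that would be
     * truncated to a different bit. The negative test also catches
     * strtoul() results above LONG_MAX.
     */
    if (bitnum < 0 || bitnum > INT_MAX) {
        ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER);
        return 0;
    }
    if (!ASN1_BIT_STRING_set_bit(bitstr, (int)bitnum, 1)) {
        ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    return 1;
}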
846*2139Sjp161948