/* Copyright (C) 1995-1998 Eric Young ([email protected]) * All rights reserved. * * This package is an SSL implementation written * by Eric Young ([email protected]). * The implementation was written so as to conform with Netscapes SSL. * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson ([email protected]). * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * "This product includes cryptographic software written by * Eric Young ([email protected])" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson ([email protected])" * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #include <ctype.h> #include <string.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/buf.h> #include <openssl/err.h> #include <openssl/mem.h> #include <openssl/obj.h> #include <openssl/stack.h> #include <openssl/x509.h> #include "../asn1/internal.h" #include "../internal.h" #include "internal.h" STACK_OF_X509_NAME_ENTRY; DEFINE_STACK_OF(…) // Maximum length of X509_NAME: much larger than anything we should // ever see in practice. #define X509_NAME_MAX … static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, int opt, ASN1_TLC *ctx); static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it); static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it); static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it); static int x509_name_encode(X509_NAME *a); static int x509_name_canon(X509_NAME *a); static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in); static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname, unsigned char **in); ASN1_SEQUENCE(X509_NAME_ENTRY) = … ASN1_SEQUENCE_END(X509_NAME_ENTRY) IMPLEMENT_ASN1_ALLOC_FUNCTIONS(…) IMPLEMENT_ASN1_DUP_FUNCTION_const(…) // For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } so // declare two template wrappers for this ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) = … ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES) ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) = … ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL) // Normally that's where it would end: we'd have two nested STACK structures // representing the ASN1. Unfortunately X509_NAME uses a completely different // form and caches encodings so we have to process the internal form and // convert to the external form. static const ASN1_EXTERN_FUNCS x509_name_ff = …; IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff) IMPLEMENT_ASN1_FUNCTIONS(…) IMPLEMENT_ASN1_DUP_FUNCTION(…) static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) { … } static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) { … } static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne) { … } static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne) { … } static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, int opt, ASN1_TLC *ctx) { … } static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it) { … } static int x509_name_encode(X509_NAME *a) { … } // This function generates the canonical encoding of the Name structure. In // it all strings are converted to UTF8, leading, trailing and multiple // spaces collapsed, converted to lower case and the leading SEQUENCE header // removed. In future we could also normalize the UTF8 too. By doing this // comparison of Name structures can be rapidly perfomed by just using // OPENSSL_memcmp() of the canonical encoding. By omitting the leading SEQUENCE // name constraints of type dirName can also be checked with a simple // OPENSSL_memcmp(). static int x509_name_canon(X509_NAME *a) { … } // Bitmap of all the types of string that will be canonicalized. #define ASN1_MASK_CANON … static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) { … } static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, unsigned char **in) { … } int X509_NAME_set(X509_NAME **xn, X509_NAME *name) { … } int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) { … } int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **out_der, size_t *out_der_len) { … }