📄 dnstring.c
字号:
/****************************************************************************
* *
* Certificate String Routines *
* Copyright Peter Gutmann 1996-2004 *
* *
****************************************************************************/
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#if defined( INC_ALL )
#include "cert.h"
#include "asn1.h"
#elif defined( INC_CHILD )
#include "cert.h"
#include "../misc/asn1.h"
#else
#include "cert/cert.h"
#include "misc/asn1.h"
#endif /* Compiler-specific includes */
/* The character set (or at least ASN.1 string type) for a string. Although
IA5String and VisibleString/ISO646String are technically different, the
only real difference is that IA5String allows the full range of control
characters, which isn't notably useful. For this reason we treat both as
ISO646String. Sometimes we can be fed Unicode strings that are just
bloated versions of another string type, so we need to account for these
as well.
UTF-8 strings are a pain because they're not supported as any native
format. For this reason we convert them to a more useful local
character set (ASCII, 8859-1, or Unicode as appropriate) when we read
them to make them usable. Although their use is required after the
cutover date of December 2003, by unspoken unanimous consensus of
implementors everywhere, implementations are sticking with the existing
DN encoding to avoid breaking things */
typedef enum {
STRINGTYPE_NONE, /* No string type */
/* 8-bit character types */
STRINGTYPE_PRINTABLE, /* PrintableString */
STRINGTYPE_IA5, /* IA5String */
STRINGTYPE_VISIBLE = STRINGTYPE_IA5, /* VisibleString */
/* VisibleString as Unicode */
STRINGTYPE_T61, /* T61 (8859-1) string */
/* 8-bit types masquerading as Unicode */
STRINGTYPE_UNICODE_PRINTABLE, /* PrintableString as Unicode */
STRINGTYPE_UNICODE_IA5, /* IA5String as Unicode */
STRINGTYPE_UNICODE_VISIBLE = STRINGTYPE_UNICODE_IA5,
STRINGTYPE_UNICODE_T61, /* 8859-1 as Unicode */
/* Unicode/UTF-8 */
STRINGTYPE_UNICODE, /* Unicode string */
STRINGTYPE_UTF8 /* UTF-8 string */
} ASN1_STRINGTYPE;
/* Since wchar_t can be anything from 8 bits (Borland C++ under DOS) to 64
bits (RISC Unixen), we define a bmpchar_t for Unicode/BMPString chars
which is always 16 bits as required for BMPStrings, to match wchar_t.
The conversion to and from a BMPString and wchar_t may require narrowing
or widening of characters, and possibly endianness conversion as well */
typedef unsigned short int bmpchar_t; /* Unicode data type */
#define UCSIZE 2
/****************************************************************************
* *
* Character Set Management Functions *
* *
****************************************************************************/
/* Because of the bizarre (and mostly useless) collection of ASN.1 character
types, we need to be very careful about what we allow in a string. The
following table is used to determine whether a character is valid within
a given string type.
Although IA5String and VisibleString/ISO646String are technically
different, the only real difference is that IA5String allows the full
range of control characters, which isn't notably useful. For this reason
we treat both as ISO646String */
#define P 1 /* PrintableString */
#define I 2 /* IA5String/VisibleString/ISO646String */
#define PI ( P | I ) /* PrintableString and IA5String */
static const FAR_BSS int asn1CharFlags[] = {
/* 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F */
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F */
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* ! " # $ % & ' ( ) * + , - . / */
PI, I, I, I, I, I, I, PI, PI, PI, I, PI, PI, PI, PI, PI,
/* 0 1 2 3 4 5 6 7 8 9 : ; < = > ? */
PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, I, I, PI, I, PI,
/* @ A B C D E F G H I J K L M N O */
I, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI,
/* P Q R S T U V W X Y Z [ \ ] ^ _ */
PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, I, I, I, I, I,
/* ` a b c d e f g h i j k l m n o */
I, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI,
/* p q r s t u v w x y z { | } ~ DL */
PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, PI, I, I, I, I, 0
};
#define nativeCharFlags asn1CharFlags
/* Extract a widechar or bmpchar from an (arbitrarily-aligned) string */
static wchar_t getWidechar( const BYTE *string )
{
wchar_t ch = 0;
#ifdef DATA_LITTLEENDIAN
int shiftAmt = 0;
#endif /* DATA_LITTLEENDIAN */
int i;
/* Since we're reading wchar_t-sized values from a char-aligned source,
we have to assemble the data a byte at a time to handle systems where
non-char values can only be accessed on word-aligned boundaries */
for( i = 0; i < sizeof( wchar_t ); i++ )
{
#ifdef DATA_LITTLEENDIAN
ch |= *string++ << shiftAmt;
shiftAmt += 8;
#else
ch = ( ch << 8 ) | *string++;
#endif /* DATA_LITTLEENDIAN */
}
return( ch );
}
static wchar_t getBmpchar( const BYTE *string )
{
return( ( ( ( bmpchar_t ) string[ 0 ] ) << 8 ) | \
( bmpchar_t ) string[ 1 ] );
}
/* Try and guess whether a native string is a widechar string */
static BOOLEAN isNativeWidecharString( const BYTE *string, const int length )
{
const wchar_t wCh = getWidechar( string );
int hiByte = 0, i;
assert( !( length % WCSIZE ) );
assert( !( ( int ) string & 1 ) );
/* If it's too short to be a widechar string, it's definitely not
Unicode */
if( length < WCSIZE )
/* "Too skinny to join the army they said. Didn't make the weight
they said" */
return( FALSE );
/* If wchar_t is > 16 bits and the bits above 16 are set or all zero,
it's either definitely not Unicode or Unicode */
#if INT_MAX > 0xFFFFL
if( WCSIZE > 2 )
return( ( wCh > 0xFFFF ) ? FALSE : TRUE );
#endif /* > 16-bit machines */
/* If wchar_t is 8 bits, it's never Unicode. We make this conditional on
the system being 16-bit to avoid compiler warnings about dead code on
the majority of systems, which have > 8-bit wchar_t */
#if INT_MAX < 0xFFFFL
if( WCSIZE < 2 )
return( FALSE );
#endif /* WCSIZE */
/* wchar_t is 16 bits, make sure that we don't get false positives with
short strings. Two-char strings are more likely to be ASCII than a
single widechar, and repeated alternate chars (e.g. "tanaka") in an
ASCII string appear to be widechars for the general-purpose check
below so we check for these in strings of 2-3 wide chars before we
perform the general-purpose check */
if( length <= ( WCSIZE * 3 ) && wCh > 0xFF )
{
if( length == WCSIZE )
{
/* Check for a two-char ASCII string, usually a country name */
if( isPrint( string[ 0 ] ) && isPrint( string[ 1 ] ) )
return( FALSE );
}
else
{
const int hi1 = wCh >> 8;
const int hi2 = getWidechar( string + WCSIZE ) >> 8;
const int hi3 = ( length > WCSIZE * 2 ) ? \
getWidechar( string + ( WCSIZE * 2 ) ) >> 8 : hi1;
assert( length == ( WCSIZE * 2 ) || length == ( WCSIZE * 3 ) );
/* Check for alternate chars being ASCII */
if( isAlnum( hi1 ) && isAlnum( hi2 ) && isAlnum( hi3 ) && \
hi1 == hi2 && hi2 == hi3 )
return( FALSE );
}
}
/* wchar_t is 16 bits, check whether it's in the form { 00 xx }* or
{ AA|00 xx }*, either ASCII-as-Unicode or Unicode. The code used
below is safe because to get to this point the string has to be some
multiple of 2 bytes long. Note that if someone passes in a 1-byte
string and mistakenly includes the terminator in the length it'll be
identified as a 16-bit widechar string, but this doesn't really
matter since it'll get "converted" into a non-widechar string later */
for( i = 0; i < length; i += WCSIZE )
{
const wchar_t wCh = getWidechar( string );
string += WCSIZE;
if( wCh > 0xFF )
{
const int wChHi = wCh >> 8;
assert( wChHi );
/* If we haven't already seen a high byte, remember it */
if( hiByte == 0 )
hiByte = wChHi;
else
/* If the current high byte doesn't match the previous one,
it's probably 8-bit chars */
if( wChHi != hiByte )
return( FALSE );
}
}
return( TRUE ); /* Probably 16-bit chars */
}
/* Try and figure out the true string type for an ASN.1-encoded or native
string. This detects (or at least tries to detect) not only the basic
string type, but also basic string types encoded as widechar strings, and
widechar strings encoded as basic string types */
static ASN1_STRINGTYPE get8bitStringType( const BYTE *string,
const int stringLen )
{
BOOLEAN notPrintable = FALSE, notIA5 = FALSE;
int length;
/* Walk down the string checking each character */
for( length = stringLen; length > 0; length-- )
{
const BYTE ch = *string++;
/* If the high bit is set, it's not an ASCII subset */
if( ch >= 128 )
{
notPrintable = notIA5 = TRUE;
if( !asn1CharFlags[ ch & 0x7F ] )
/* It's not 8859-1 either, probably some odd widechar type */
return( STRINGTYPE_NONE );
}
else
{
/* Check whether it's a PrintableString */
if( !( asn1CharFlags[ ch ] & P ) )
notPrintable = TRUE;
/* Check whether it's something peculiar */
if( !asn1CharFlags[ ch ] )
return( STRINGTYPE_NONE );
}
}
return( notIA5 ? STRINGTYPE_T61 : notPrintable ? STRINGTYPE_IA5 : \
STRINGTYPE_PRINTABLE );
}
static ASN1_STRINGTYPE getAsn1StringType( const BYTE *string,
const int stringLen,
const int stringTag )
{
assert( isReadPtr( string, stringLen ) );
/* If it's a multiple of bmpchar_t in size, check whether it's a
BMPString stuffed into a T61String or an 8-bit string encoded as a
BMPString. The following code assumes that anything claiming to be a
BMPString is always something else, this currently seems to hold true
for all BMPStrings. Hopefully by the time anyone gets around to
using > 8-bit characters everyone will be using UTF8Strings, because
there's no easy way to distinguish between a byte string which is a
> 8-bit BMPString and a 7/8-bit string */
if( !( stringLen % UCSIZE ) && !*string )
{
BOOLEAN notPrintable = FALSE, notIA5 = FALSE;
int length;
/* The first character is a null, it's an 8-bit string stuffed into
a BMPString (these are always big-endian, even coming from
Microsoft software, so we don't have to check for a null as the
second character) */
for( length = stringLen; length > 0; length -= UCSIZE )
{
/* Since we're reading bmpchar_t-sized values from a char-
aligned source, we have to assemble the data a byte at a time
to handle systems where non-char values can only be accessed
on word-aligned boundaries */
const bmpchar_t ch = getBmpchar( string );
string += UCSIZE;
/* If the high bit is set, it's not an ASCII subset */
if( ch >= 128 )
{
notPrintable = notIA5 = TRUE;
if( !asn1CharFlags[ ch & 0x7F ] )
/* It's not 8859-1 either */
return( STRINGTYPE_UNICODE );
}
else
/* Check whether it's a PrintableString */
if( !( asn1CharFlags[ ch ] & P ) )
notPrintable = TRUE;
}
return( notIA5 ? STRINGTYPE_UNICODE_T61 : notPrintable ? \
STRINGTYPE_UNICODE_IA5 : STRINGTYPE_UNICODE_PRINTABLE );
}
/* If it's supposed to be Unicode and not an 8-bit string encoded as a
Unicode string, it's Unicode */
if( stringTag == BER_STRING_BMP && !( stringLen % UCSIZE ) )
return( STRINGTYPE_UNICODE );
/* Determine the 8-bit string type */
return( get8bitStringType( string, stringLen ) );
}
static ASN1_STRINGTYPE getNativeStringType( const BYTE *string,
const int stringLen )
{
BOOLEAN notPrintable = FALSE, notIA5 = FALSE;
assert( isReadPtr( string, stringLen ) );
/* If it's a multiple of wchar_t in size, check whether it's a widechar
string. If it's a widechar string it may actually be something else
that's been bloated out into widechars, so we check for this as
well */
if( !( stringLen % WCSIZE ) && \
isNativeWidecharString( string, stringLen ) )
{
int length;
for( length = stringLen; length > 0; length -= WCSIZE )
{
const wchar_t ch = getWidechar( string );
string += WCSIZE;
/* Safety check */
if( ch < 0 )
return( STRINGTYPE_NONE );
/* If the high bit is set, it's not an ASCII subset */
if( ch >= 128 )
{
notPrintable = notIA5 = TRUE;
if( !nativeCharFlags[ ch & 0x7F ] )
/* It's not 8859-1 either */
return( STRINGTYPE_UNICODE );
}
else
/* Check whether it's a PrintableString */
if( !( nativeCharFlags[ ch ] & P ) )
notPrintable = TRUE;
}
return( notIA5 ? STRINGTYPE_UNICODE_T61 : notPrintable ? \
STRINGTYPE_UNICODE_IA5 : STRINGTYPE_UNICODE_PRINTABLE );
}
/* Determine the 8-bit string type */
return( get8bitStringType( string, stringLen ) );
}
/****************************************************************************
* *
* UTF-8 Functions *
* *
****************************************************************************/
/* UTF-8 length-of-length handling */
static const int utf8bytesTbl[] = {
3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3,
4, 4, 4, 4, 4, 4, 4, 4, 5, 5, 5, 5, 6, 6, 6, 6
};
#define utf8bytes( value ) ( ( value <= 192 ) ? 1 : \
( value <= 224 ) ? 2 : \
utf8bytesTbl[ ( value ) - 224 ] )
/* Parse one character from the string, enforcing the UTF-8 canonical-
encoding rules:
00 - 7F = 0xxxxxxx
80 - 7FF = 110xxxxx 10xxxxxx
800 - FFFF = 1110xxxx 10xxxxxx 10xxxxxx */
static long getUTF8Char( const BYTE *string, const int maxLen,
int *charByteCount )
{
const int firstChar = *string;
const int count = utf8bytes( firstChar );
long ch;
*charByteCount = count;
if( count < 1 || count > 3 || count > maxLen )
return( CRYPT_ERROR_BADDATA );
switch( count )
{
case 1:
ch = firstChar & 0x7F;
break;
case 2:
if( ( firstChar & 0xE0 ) != 0xC0 || \
( string[ 1 ] & 0xC0 ) != 0x80 )
return( CRYPT_ERROR_BADDATA );
ch = ( ( firstChar & 0x1F ) << 6 ) | \
( string[ 1 ] & 0x3F );
break;
case 3:
if( ( firstChar & 0xF0 ) != 0xE0 || \
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -