/*
 * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
9b077aed3SPierre Pronchery
10b077aed3SPierre Pronchery #include <stdio.h>
11b077aed3SPierre Pronchery #include <stdlib.h>
12b077aed3SPierre Pronchery #include <string.h>
13b077aed3SPierre Pronchery #include "apps.h"
14b077aed3SPierre Pronchery #include "progs.h"
15b077aed3SPierre Pronchery #include <openssl/err.h>
16b077aed3SPierre Pronchery #include <openssl/evp.h>
17b077aed3SPierre Pronchery #include <openssl/x509.h>
18b077aed3SPierre Pronchery #include <openssl/pem.h>
19b077aed3SPierre Pronchery #include <openssl/asn1t.h>
20b077aed3SPierre Pronchery
/*
 * Identifiers that opt_next() hands back for each asn1parse option.
 * OPT_EOF, OPT_ERR and OPT_HELP are used by asn1parse_main() but are not
 * listed here, so they presumably come from OPT_COMMON - confirm in the
 * apps option header.
 */
typedef enum OPTION_choice {
    OPT_COMMON,
    OPT_INFORM, OPT_IN, OPT_OUT, OPT_INDENT, OPT_NOOUT,
    OPT_OID, OPT_OFFSET, OPT_LENGTH, OPT_DUMP, OPT_DLIMIT,
    OPT_STRPARSE, OPT_GENSTR, OPT_GENCONF, OPT_STRICTPEM,
    OPT_ITEM
} OPTION_CHOICE;

/*
 * Option table for the asn1parse command. Each entry gives the option name,
 * its OPTION_CHOICE identifier, a value-type code interpreted by the option
 * parser (not shown in this file) and the help text.
 *
 * NOTE(review): -offset, -length, -strparse and -dlimit carry the 'p' type
 * code and are converted again with strtol() in asn1parse_main() without an
 * end-pointer or range check there. Malformed or oversized numbers are
 * therefore only rejected if the option parser validates 'p' values -
 * confirm against opt_next().
 */
const OPTIONS asn1parse_options[] = {
    OPT_SECTION("General"),
    {"help", OPT_HELP, '-', "Display this summary"},
    {"oid", OPT_OID, '<', "file of extra oid definitions"},

    OPT_SECTION("I/O"),
    {"inform", OPT_INFORM, 'F', "input format - one of DER PEM"},
    {"in", OPT_IN, '<', "input file"},
    {"out", OPT_OUT, '>', "output file (output format is always DER)"},
    {"noout", OPT_NOOUT, 0, "do not produce any output"},
    {"offset", OPT_OFFSET, 'p', "offset into file"},
    {"length", OPT_LENGTH, 'p', "length of section in file"},
    {"strparse", OPT_STRPARSE, 'p',
     "offset; a series of these can be used to 'dig'"},
    {"genstr", OPT_GENSTR, 's', "string to generate ASN1 structure from"},
    {OPT_MORE_STR, 0, 0, "into multiple ASN1 blob wrappings"},
    {"genconf", OPT_GENCONF, 's', "file to generate ASN1 structure from"},
    {"strictpem", OPT_STRICTPEM, 0,
     "do not attempt base64 decode outside PEM markers"},
    {"item", OPT_ITEM, 's', "item to parse and print"},
    {OPT_MORE_STR, 0, 0, "(-inform will be ignored)"},

    OPT_SECTION("Formatting"),
    {"i", OPT_INDENT, 0, "indents the output"},
    {"dump", OPT_DUMP, 0, "unknown data in hex form"},
    {"dlimit", OPT_DLIMIT, 'p',
     "dump the first arg bytes of unknown data in hex form"},
    {NULL}
};

/* Forward declaration; the definition follows asn1parse_main(). */
static int do_generate(char *genstr, const char *genconf, BUF_MEM *buf);
/*
 * Entry point of the asn1parse command.
 *
 * Parses the command line, obtains a DER buffer (from a strict PEM read, from
 * the input file through an optional base64 filter, or from do_generate()),
 * optionally descends into nested values with -strparse, applies
 * -offset/-length, optionally writes the selected bytes to the -out file and,
 * unless -noout is given, prints the parse of the selection.
 *
 * Returns 0 on success (including -help) and 1 on any error.
 */
int asn1parse_main(int argc, char **argv)
{
    ASN1_TYPE *at = NULL;
    BIO *in = NULL, *b64 = NULL, *derout = NULL;
    BUF_MEM *buf = NULL;
    STACK_OF(OPENSSL_STRING) *osk = NULL;
    char *genstr = NULL, *genconf = NULL;
    char *infile = NULL, *oidfile = NULL, *derfile = NULL;
    unsigned char *str = NULL;
    char *name = NULL, *header = NULL, *prog;
    const unsigned char *ctmpbuf;
    int indent = 0, noout = 0, dump = 0, strictpem = 0, informat = FORMAT_PEM;
    int offset = 0, ret = 1, i, j;
    long num, tmplen;
    unsigned char *tmpbuf;
    unsigned int length = 0;
    OPTION_CHOICE o;
    const ASN1_ITEM *it = NULL;

    prog = opt_init(argc, argv, asn1parse_options);

    /* Collects the -strparse arguments in the order they were given. */
    if ((osk = sk_OPENSSL_STRING_new_null()) == NULL) {
        BIO_printf(bio_err, "%s: Memory allocation failure\n", prog);
        goto end;
    }

    while ((o = opt_next()) != OPT_EOF) {
        switch (o) {
        case OPT_EOF:
        case OPT_ERR:
            /* Also the target of the "extra arguments" check after the loop. */
 opthelp:
            BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
            goto end;
        case OPT_HELP:
            opt_help(asn1parse_options);
            ret = 0;
            goto end;
        case OPT_INFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
                goto opthelp;
            break;
        case OPT_IN:
            infile = opt_arg();
            break;
        case OPT_OUT:
            derfile = opt_arg();
            break;
        case OPT_INDENT:
            indent = 1;
            break;
        case OPT_NOOUT:
            noout = 1;
            break;
        case OPT_OID:
            oidfile = opt_arg();
            break;
        case OPT_OFFSET:
            /*
             * The long result is narrowed to int and no end pointer or errno
             * is inspected here. NOTE(review): presumably safe because the
             * option table marks this value as 'p' - confirm that opt_next()
             * validates it. The same applies to -length, -dlimit and the
             * -strparse values converted further down.
             */
            offset = strtol(opt_arg(), NULL, 0);
            break;
        case OPT_LENGTH:
            length = strtol(opt_arg(), NULL, 0);
            break;
        case OPT_DUMP:
            /* NOTE(review): -1 presumably means "no byte limit" - confirm. */
            dump = -1;
            break;
        case OPT_DLIMIT:
            dump = strtol(opt_arg(), NULL, 0);
            break;
        case OPT_STRPARSE:
            /*
             * Only the argument pointer is stored; the stack is released with
             * sk_OPENSSL_STRING_free() at the end, which leaves the strings
             * themselves alone.
             */
            if (sk_OPENSSL_STRING_push(osk, opt_arg()) <= 0)
                goto end;
            break;
        case OPT_GENSTR:
            genstr = opt_arg();
            break;
        case OPT_GENCONF:
            genconf = opt_arg();
            break;
        case OPT_STRICTPEM:
            /* Forces PEM, overriding any -inform seen so far. */
            strictpem = 1;
            informat = FORMAT_PEM;
            break;
        case OPT_ITEM:
            it = ASN1_ITEM_lookup(opt_arg());
            if (it == NULL) {
                size_t tmp;

                /* Unknown name: list every item ASN1_ITEM_get() returns. */
                BIO_printf(bio_err, "Unknown item name %s\n", opt_arg());
                BIO_puts(bio_err, "Supported types:\n");
                for (tmp = 0;; tmp++) {
                    it = ASN1_ITEM_get(tmp);
                    if (it == NULL)
                        break;
                    BIO_printf(bio_err, "    %s\n", it->sname);
                }
                goto end;
            }
            break;
        }
    }

    /* No extra args. */
    argc = opt_num_rest();
    if (argc != 0)
        goto opthelp;

    if (oidfile != NULL) {
        in = bio_open_default(oidfile, 'r', FORMAT_TEXT);
        if (in == NULL)
            goto end;
        /* The result of OBJ_create_objects() is not checked. */
        OBJ_create_objects(in);
        BIO_free(in);
    }

    /* The input is opened even when -genstr/-genconf will supply the data. */
    if ((in = bio_open_default(infile, 'r', informat)) == NULL)
        goto end;

    if (derfile && (derout = bio_open_default(derfile, 'w', FORMAT_ASN1)) == NULL)
        goto end;

    if ((buf = BUF_MEM_new()) == NULL)
        goto end;
    if (strictpem) {
        /*
         * Strict mode reads exactly one PEM block; -genstr and -genconf are
         * not consulted on this path.
         */
        if (PEM_read_bio(in, &name, &header, &str, &num) != 1) {
            BIO_printf(bio_err, "Error reading PEM file\n");
            ERR_print_errors(bio_err);
            goto end;
        }
        /*
         * Hand the decoded bytes to buf so that BUF_MEM_free() at the end
         * releases them; name and header are freed separately.
         */
        buf->data = (char *)str;
        buf->length = buf->max = num;
    } else {
        if (!BUF_MEM_grow(buf, BUFSIZ * 8))
            goto end;           /* Pre-allocate :-) */

        if (genstr || genconf) {
            num = do_generate(genstr, genconf, buf);
            if (num < 0) {
                ERR_print_errors(bio_err);
                goto end;
            }
        } else {

            if (informat == FORMAT_PEM) {
                BIO *tmp;

                /*
                 * Put a base64 filter in front of the source, then swap the
                 * two pointers: 'in' becomes the head of the chain that is
                 * read from, 'b64' keeps the original source. Each is freed
                 * with its own BIO_free() at the end.
                 */
                if ((b64 = BIO_new(BIO_f_base64())) == NULL)
                    goto end;
                BIO_push(b64, in);
                tmp = in;
                in = b64;
                b64 = tmp;
            }

            /*
             * Read the whole input, growing buf by BUFSIZ ahead of each read.
             * Any BIO_read() result <= 0 ends the loop, so a read or decode
             * error is not told apart from end of input here.
             */
            num = 0;
            for (;;) {
                if (!BUF_MEM_grow(buf, num + BUFSIZ))
                    goto end;
                i = BIO_read(in, &(buf->data[num]), BUFSIZ);
                if (i <= 0)
                    break;
                num += i;
            }
        }
        str = (unsigned char *)buf->data;

    }

    /* If any structs to parse go through in sequence */

    if (sk_OPENSSL_STRING_num(osk)) {
        tmpbuf = str;
        tmplen = num;
        for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
            ASN1_TYPE *atmp;
            int typ;
            /* Each offset is relative to the start of the current buffer. */
            j = strtol(sk_OPENSSL_STRING_value(osk, i), NULL, 0);
            if (j <= 0 || j >= tmplen) {
                /* Reported but not fatal: this entry is skipped. */
                BIO_printf(bio_err, "'%s' is out of range\n",
                           sk_OPENSSL_STRING_value(osk, i));
                continue;
            }
            tmpbuf += j;
            tmplen -= j;
            /*
             * From the second pass on tmpbuf points into the previous 'at',
             * so that value is freed only after the new one has been decoded.
             */
            atmp = at;
            ctmpbuf = tmpbuf;
            at = d2i_ASN1_TYPE(NULL, &ctmpbuf, tmplen);
            ASN1_TYPE_free(atmp);
            if (!at) {
                BIO_printf(bio_err, "Error parsing structure\n");
                ERR_print_errors(bio_err);
                goto end;
            }
            /*
             * These three types are rejected before value.asn1_string is
             * dereferenced below. NOTE(review): presumably because they do
             * not store an ASN1_STRING in the value union - confirm.
             */
            typ = ASN1_TYPE_get(at);
            if ((typ == V_ASN1_OBJECT)
                || (typ == V_ASN1_BOOLEAN)
                || (typ == V_ASN1_NULL)) {
                BIO_printf(bio_err, "Can't parse %s type\n", ASN1_tag2str(typ));
                ERR_print_errors(bio_err);
                goto end;
            }
            /* hmm... this is a little evil but it works */
            tmpbuf = at->value.asn1_string->data;
            tmplen = at->value.asn1_string->length;
        }
        /* str now points into 'at', which stays allocated until 'end'. */
        str = tmpbuf;
        num = tmplen;
    }

    /* The selection must start inside the buffer; empty input fails here. */
    if (offset < 0 || offset >= num) {
        BIO_printf(bio_err, "Error: offset out of range\n");
        goto end;
    }

    num -= offset;

    /*
     * Clamp the requested length to what is left after the offset. The cast
     * narrows the long count to unsigned int.
     */
    if (length == 0 || length > (unsigned int)num)
        length = (unsigned int)num;
    if (derout != NULL) {
        if (BIO_write(derout, str + offset, length) != (int)length) {
            BIO_printf(bio_err, "Error writing output\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
    if (!noout) {
        const unsigned char *p = str + offset;

        if (it != NULL) {
            /* -item: decode as the named type and print the typed value. */
            ASN1_VALUE *value = ASN1_item_d2i(NULL, &p, length, it);
            if (value == NULL) {
                BIO_printf(bio_err, "Error parsing item %s\n", it->sname);
                ERR_print_errors(bio_err);
                goto end;
            }
            ASN1_item_print(bio_out, value, 0, it, NULL);
            ASN1_item_free(value, it);
        } else {
            if (!ASN1_parse_dump(bio_out, p, length, indent, dump)) {
                ERR_print_errors(bio_err);
                goto end;
            }
        }
    }
    ret = 0;
 end:
    /* Every pointer below is either NULL or still owned by this function. */
    BIO_free(derout);
    BIO_free(in);
    BIO_free(b64);
    if (ret != 0)
        ERR_print_errors(bio_err);
    BUF_MEM_free(buf);
    OPENSSL_free(name);
    OPENSSL_free(header);
    ASN1_TYPE_free(at);
    sk_OPENSSL_STRING_free(osk);
    return ret;
}
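/*
 * Build an ASN.1 value from a generation string and DER-encode it into buf.
 *
 * genstr  - string handed to ASN1_generate_nconf(). May be NULL when genconf
 *           is given; the "asn1" entry of the "default" section is then used.
 * genconf - optional configuration file, loaded with app_load_config().
 * buf     - destination; grown to the encoded length and written from its
 *           start.
 *
 * Returns the encoded length (> 0) on success and -1 on failure. Apart from
 * the missing-"asn1" case no message is printed here; the caller prints the
 * error queue.
 */
static int do_generate(char *genstr, const char *genconf, BUF_MEM *buf)
{
    CONF *cnf = NULL;
    int len;
    unsigned char *p;
    ASN1_TYPE *atyp = NULL;

    if (genconf != NULL) {
        if ((cnf = app_load_config(genconf)) == NULL)
            goto err;
        if (genstr == NULL)
            genstr = NCONF_get_string(cnf, "default", "asn1");
        if (genstr == NULL) {
            BIO_printf(bio_err, "Can't find 'asn1' in '%s'\n", genconf);
            goto err;
        }
    }

    /*
     * genstr may have been obtained from cnf above, so cnf is released only
     * after the generator has consumed it.
     */
    atyp = ASN1_generate_nconf(genstr, cnf);
    NCONF_free(cnf);
    cnf = NULL;

    if (atyp == NULL)
        return -1;

    /* First pass: a NULL output pointer only asks for the encoded size. */
    len = i2d_ASN1_TYPE(atyp, NULL);

    if (len <= 0)
        goto err;

    if (!BUF_MEM_grow(buf, len))
        goto err;

    p = (unsigned char *)buf->data;

    /*
     * Second pass writes the encoding. Its result used to be ignored; a
     * failed or differently sized encode would leave buf holding bytes that
     * do not match the length reported to the caller, so treat it as an
     * error.
     */
    if (i2d_ASN1_TYPE(atyp, &p) != len)
        goto err;

    ASN1_TYPE_free(atyp);
    return len;

 err:
    NCONF_free(cnf);
    ASN1_TYPE_free(atyp);
    return -1;
}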