Commit | Line | Data |
---|---|---|
62867571 | 1 | /* |
da1c088f | 2 | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
3f870de7 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
62867571 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
10 | #include <stdio.h> | |
25f2138b | 11 | #include "crypto/ctype.h" |
452ae49d | 12 | #include <limits.h> |
b39fc560 | 13 | #include "internal/cryptlib.h" |
397065c6 | 14 | #include "internal/thread_once.h" |
29c80c60 | 15 | #include "internal/tsan_assist.h" |
ec577822 BM |
16 | #include <openssl/lhash.h> |
17 | #include <openssl/asn1.h> | |
25f2138b | 18 | #include "crypto/objects.h" |
1e26a8ba | 19 | #include <openssl/bn.h> |
25f2138b | 20 | #include "crypto/asn1.h" |
706457b7 | 21 | #include "obj_local.h" |
d02b48c6 | 22 | |
d040a1b9 | 23 | /* obj_dat.h is generated from objects.txt and obj_mac.{num,h} by obj_dat.pl */ |
a00ae6c4 | 24 | #include "obj_dat.h" |
d02b48c6 | 25 | |
/*
 * Typed binary-search helpers (OBJ_bsearch_sn, OBJ_bsearch_ln and
 * OBJ_bsearch_obj); the matching IMPLEMENT_ lines follow each comparator.
 */
DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);

/*
 * Key kinds for entries in the |added| table.  One object can be indexed up
 * to four times: by encoded data, by short name, by long name and by NID.
 * The values double as indices into the ao[] array in ossl_obj_add_object().
 */
#define ADDED_DATA      0
#define ADDED_SNAME     1
#define ADDED_LNAME     2
#define ADDED_NID       3

struct added_obj_st {
    int type;           /* one of the ADDED_* key kinds */
    ASN1_OBJECT *obj;   /* the object this entry indexes */
};

/* Run-time registered objects; NULL until the first object is added. */
static LHASH_OF(ADDED_OBJ) *added = NULL;
/* Read/write lock taken around every access to |added| in this file. */
static CRYPTO_RWLOCK *ossl_obj_lock = NULL;
#ifdef TSAN_REQUIRES_LOCKING
/* Guards the NID counter in OBJ_new_nid() when tsan_add() is not used. */
static CRYPTO_RWLOCK *ossl_obj_nid_lock = NULL;
#endif

/* One-time guard for obj_lock_initialise(). */
static CRYPTO_ONCE ossl_obj_lock_init = CRYPTO_ONCE_STATIC_INIT;
47 | ||
/*
 * Release the locks owned by this file and reset the pointers to NULL so a
 * later use cannot see a dangling lock.
 */
static ossl_inline void objs_free_locks(void)
{
#ifdef TSAN_REQUIRES_LOCKING
    CRYPTO_THREAD_lock_free(ossl_obj_nid_lock);
    ossl_obj_nid_lock = NULL;
#endif
    CRYPTO_THREAD_lock_free(ossl_obj_lock);
    ossl_obj_lock = NULL;
}
57 | ||
/*
 * Run-once body that creates the table lock and, when
 * TSAN_REQUIRES_LOCKING is defined, the NID counter lock.
 * Returns 1 on success, 0 if either lock could not be created; on a partial
 * failure the lock already created is released again.
 */
DEFINE_RUN_ONCE_STATIC(obj_lock_initialise)
{
    if ((ossl_obj_lock = CRYPTO_THREAD_lock_new()) == NULL)
        return 0;

#ifdef TSAN_REQUIRES_LOCKING
    if ((ossl_obj_nid_lock = CRYPTO_THREAD_lock_new()) == NULL) {
        objs_free_locks();
        return 0;
    }
#endif
    return 1;
}
73 | ||
/*
 * Make sure the locks exist before they are used.
 * Returns the result of the run-once initialiser: non-zero on success.
 */
static ossl_inline int ossl_init_added_lock(void)
{
#ifndef OPENSSL_NO_AUTOLOAD_CONFIG
    /*
     * The configuration may register "added" objects, so it has to be
     * loaded before anyone looks at the table.
     */
    OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
#endif
    return RUN_ONCE(&ossl_obj_lock_init, obj_lock_initialise);
}
82 | ||
/*
 * Take the table lock for writing.
 * |lock| == 0 means the caller already holds it; nothing is done and 1 is
 * returned.  Otherwise returns 0 if the lock could not be initialised, else
 * the result of CRYPTO_THREAD_write_lock().
 */
static ossl_inline int ossl_obj_write_lock(int lock)
{
    if (lock) {
        if (!ossl_init_added_lock())
            return 0;
        return CRYPTO_THREAD_write_lock(ossl_obj_lock);
    }
    return 1;
}
91 | ||
/*
 * Take the table lock for reading.
 * |lock| == 0 means the caller already holds it; nothing is done and 1 is
 * returned.  Otherwise returns 0 if the lock could not be initialised, else
 * the result of CRYPTO_THREAD_read_lock().
 */
static ossl_inline int ossl_obj_read_lock(int lock)
{
    if (lock) {
        if (!ossl_init_added_lock())
            return 0;
        return CRYPTO_THREAD_read_lock(ossl_obj_lock);
    }
    return 1;
}
100 | ||
/*
 * Release the table lock, but only when this call site took it
 * (|lock| non-zero); mirrors the |lock| argument of the two lock helpers.
 */
static ossl_inline void ossl_obj_unlock(int lock)
{
    if (!lock)
        return;
    CRYPTO_THREAD_unlock(ossl_obj_lock);
}
d02b48c6 | 106 | |
/*
 * bsearch comparator: compare the short name of the key object |*a| with
 * the short name of the built-in object at index |*b| in nid_objs.
 * Both short names must be non-NULL; strcmp() is called unconditionally.
 */
static int sn_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
{
    const char *key_sn = (*a)->sn;
    const char *entry_sn = nid_objs[*b].sn;

    return strcmp(key_sn, entry_sn);
}

IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
babb3798 | 113 | |
/*
 * bsearch comparator: compare the long name of the key object |*a| with
 * the long name of the built-in object at index |*b| in nid_objs.
 * Both long names must be non-NULL; strcmp() is called unconditionally.
 */
static int ln_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
{
    const char *key_ln = (*a)->ln;
    const char *entry_ln = nid_objs[*b].ln;

    return strcmp(key_ln, entry_ln);
}

IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
d02b48c6 | 120 | |
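/*
 * Hash callback for the |added| table.
 *
 * The low 30 bits come from the key selected by ca->type (encoded data,
 * short name, long name or NID); the key kind itself is placed in the bits
 * from 30 upwards so that the four kinds hash apart.  An unknown kind
 * hashes to 0.
 */
static unsigned long added_obj_hash(const ADDED_OBJ *ca)
{
    const ASN1_OBJECT *a = ca->obj;
    const unsigned char *p;
    unsigned long ret = 0;
    int i;

    switch (ca->type) {
    case ADDED_DATA:
        /*
         * Shift in unsigned arithmetic: a->length is an int, and shifting
         * it left by 20 as a signed value is undefined once the length
         * reaches 2048.  The low 30 bits kept below are unchanged.
         */
        ret = (unsigned long)a->length << 20UL;
        p = a->data;
        for (i = 0; i < a->length; i++)
            ret ^= (unsigned long)p[i] << ((i * 3) % 24);
        break;
    case ADDED_SNAME:
        ret = OPENSSL_LH_strhash(a->sn);
        break;
    case ADDED_LNAME:
        ret = OPENSSL_LH_strhash(a->ln);
        break;
    case ADDED_NID:
        ret = a->nid;
        break;
    default:
        /* abort(); */
        return 0;
    }
    ret &= 0x3fffffffL;
    ret |= ((unsigned long)ca->type) << 30L;
    return ret;
}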
153 | ||
/*
 * Comparison callback for the |added| table.
 *
 * Entries of different key kinds never compare equal.  Within one kind the
 * comparison is on that kind's key: length then bytes for ADDED_DATA,
 * strcmp() for the names (a NULL name on the left sorts first, otherwise a
 * NULL name on the right sorts last), and numeric difference for ADDED_NID.
 * Returns <0, 0 or >0; an unknown kind compares equal.
 */
static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
{
    const ASN1_OBJECT *lhs, *rhs;
    int diff = ca->type - cb->type;

    if (diff != 0)
        return diff;

    lhs = ca->obj;
    rhs = cb->obj;
    switch (ca->type) {
    case ADDED_DATA:
        diff = lhs->length - rhs->length;
        if (diff != 0)
            return diff;
        /* Lengths are equal here, so either one bounds the comparison. */
        return memcmp(lhs->data, rhs->data, (size_t)lhs->length);
    case ADDED_SNAME:
        if (lhs->sn == NULL)
            return -1;
        if (rhs->sn == NULL)
            return 1;
        return strcmp(lhs->sn, rhs->sn);
    case ADDED_LNAME:
        if (lhs->ln == NULL)
            return -1;
        if (rhs->ln == NULL)
            return 1;
        return strcmp(lhs->ln, rhs->ln);
    case ADDED_NID:
        return lhs->nid - rhs->nid;
    default:
        /* abort(); */
        return 0;
    }
}
191 | ||
/*
 * Cleanup pass 1: reset the object's nid to 0, so that it can be reused as
 * a counter by the next two passes, and mark the object, its strings and
 * its data as dynamic.
 */
static void cleanup1_doall(ADDED_OBJ *a)
{
    ASN1_OBJECT *o = a->obj;

    o->nid = 0;
    o->flags |= ASN1_OBJECT_FLAG_DYNAMIC
                | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS
                | ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
d02b48c6 | 198 | |
/*
 * Cleanup pass 2: bump the object's nid once per table entry that refers
 * to it, turning the field into a count of entries.
 */
static void cleanup2_doall(ADDED_OBJ *a)
{
    a->obj->nid += 1;
}
d02b48c6 | 203 | |
/*
 * Cleanup pass 3: drop one count from the object and free it when the last
 * entry referring to it is reached; the table entry itself is always freed.
 */
static void cleanup3_doall(ADDED_OBJ *a)
{
    ASN1_OBJECT *o = a->obj;

    o->nid -= 1;
    if (o->nid == 0)
        ASN1_OBJECT_free(o);
    OPENSSL_free(a);
}
d02b48c6 | 210 | |
/*
 * Tear down the |added| table and the locks of this file.
 *
 * An object can be referenced by several entries, so it is freed in three
 * passes over the table: zero the counters, count the entries per object,
 * then free each object when its last entry is visited.  No lock is taken
 * here before the table is walked.
 */
void ossl_obj_cleanup_int(void)
{
    if (added != NULL) {
        lh_ADDED_OBJ_set_down_load(added, 0);
        lh_ADDED_OBJ_doall(added, cleanup1_doall); /* pass 1: zero counters */
        lh_ADDED_OBJ_doall(added, cleanup2_doall); /* pass 2: count entries */
        lh_ADDED_OBJ_doall(added, cleanup3_doall); /* pass 3: free objects */
        lh_ADDED_OBJ_free(added);
        added = NULL;
    }

    objs_free_locks();
}
d02b48c6 | 223 | |
/*
 * Reserve |num| consecutive NIDs and return the first of them.
 *
 * The counter starts at NUM_NID.  With TSAN_REQUIRES_LOCKING it is updated
 * under ossl_obj_nid_lock and NID_undef is returned if that lock cannot be
 * taken; otherwise tsan_add() does the update.
 *
 * NOTE(review): ossl_obj_nid_lock is created only by obj_lock_initialise()
 * and nothing in this function triggers that initialisation - confirm that
 * every caller has gone through ossl_init_added_lock() first.
 * NOTE(review): |num| is added without a range check.
 */
int OBJ_new_nid(int num)
{
    static TSAN_QUALIFIER int new_nid = NUM_NID;
#ifdef TSAN_REQUIRES_LOCKING
    int first;

    if (!CRYPTO_THREAD_write_lock(ossl_obj_nid_lock)) {
        ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_WRITE_LOCK);
        return NID_undef;
    }
    first = new_nid;
    new_nid += num;
    CRYPTO_THREAD_unlock(ossl_obj_nid_lock);
    return first;
#else
    return tsan_add(&new_nid, num);
#endif
}
d02b48c6 | 242 | |
/*
 * Register a copy of |obj| in the |added| table.
 *
 * The object is duplicated and indexed under every key it has: always its
 * NID, plus its encoded data, short name and long name when present.
 * |lock| is non-zero when this function must take the write lock itself and
 * zero when the caller already holds it.
 * Returns the NID of the stored copy, or NID_undef on failure.
 */
static int ossl_obj_add_object(const ASN1_OBJECT *obj, int lock)
{
    ASN1_OBJECT *copy = NULL;
    ADDED_OBJ *entry[4] = { NULL, NULL, NULL, NULL }, *displaced;
    int kind;

    copy = OBJ_dup(obj);
    if (copy == NULL)
        return NID_undef;

    /* Allocate every index entry up front, before the lock is taken. */
    entry[ADDED_NID] = OPENSSL_malloc(sizeof(*entry[0]));
    if (entry[ADDED_NID] == NULL)
        goto err2;
    if (copy->length != 0 && obj->data != NULL) {
        entry[ADDED_DATA] = OPENSSL_malloc(sizeof(*entry[0]));
        if (entry[ADDED_DATA] == NULL)
            goto err2;
    }
    if (copy->sn != NULL) {
        entry[ADDED_SNAME] = OPENSSL_malloc(sizeof(*entry[0]));
        if (entry[ADDED_SNAME] == NULL)
            goto err2;
    }
    if (copy->ln != NULL) {
        entry[ADDED_LNAME] = OPENSSL_malloc(sizeof(*entry[0]));
        if (entry[ADDED_LNAME] == NULL)
            goto err2;
    }

    if (!ossl_obj_write_lock(lock)) {
        ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_WRITE_LOCK);
        goto err2;
    }
    if (added == NULL) {
        /* First registration: create the table lazily. */
        added = lh_ADDED_OBJ_new(added_obj_hash, added_obj_cmp);
        if (added == NULL) {
            ERR_raise(ERR_LIB_OBJ, ERR_R_CRYPTO_LIB);
            goto err;
        }
    }

    for (kind = ADDED_DATA; kind <= ADDED_NID; kind++) {
        if (entry[kind] == NULL)
            continue;
        entry[kind]->type = kind;
        entry[kind]->obj = copy;
        displaced = lh_ADDED_OBJ_insert(added, entry[kind]);
        /*
         * memory leak, but should not normally matter
         * NOTE(review): only the returned entry is freed, and the insert is
         * not checked for failure.
         */
        OPENSSL_free(displaced);
    }
    /* The table now owns the copy; the three-pass cleanup frees it. */
    copy->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC
                     | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS
                     | ASN1_OBJECT_FLAG_DYNAMIC_DATA);

    ossl_obj_unlock(lock);
    return copy->nid;

 err:
    ossl_obj_unlock(lock);
 err2:
    for (kind = ADDED_DATA; kind <= ADDED_NID; kind++)
        OPENSSL_free(entry[kind]);
    ASN1_OBJECT_free(copy);
    return NID_undef;
}
d02b48c6 | 297 | |
/*
 * Map a NID to its object.
 *
 * NID_undef and valid built-in NIDs resolve straight from nid_objs; any
 * other value is looked up in the |added| table under the read lock.
 * Returns NULL, with an error raised, if the lock cannot be taken or the
 * NID is unknown.  The pointer returned for an added object refers to the
 * table's own copy and is handed out after the lock has been released.
 */
ASN1_OBJECT *OBJ_nid2obj(int n)
{
    ADDED_OBJ key, *hit = NULL;
    ASN1_OBJECT probe;

    if (n == NID_undef)
        return (ASN1_OBJECT *)&(nid_objs[n]);
    if (n > 0 && n < NUM_NID && nid_objs[n].nid != NID_undef)
        return (ASN1_OBJECT *)&(nid_objs[n]);

    /* Only the nid field of |probe| is read for an ADDED_NID key. */
    probe.nid = n;
    key.type = ADDED_NID;
    key.obj = &probe;

    if (!ossl_obj_read_lock(1)) {
        ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_READ_LOCK);
        return NULL;
    }
    if (added != NULL)
        hit = lh_ADDED_OBJ_retrieve(added, &key);
    ossl_obj_unlock(1);

    if (hit == NULL) {
        ERR_raise(ERR_LIB_OBJ, OBJ_R_UNKNOWN_NID);
        return NULL;
    }
    return hit->obj;
}
d02b48c6 | 323 | |
/*
 * Return the short name registered for NID |n|, or NULL when OBJ_nid2obj()
 * cannot resolve the NID.
 */
const char *OBJ_nid2sn(int n)
{
    const ASN1_OBJECT *ob = OBJ_nid2obj(n);

    if (ob == NULL)
        return NULL;
    return ob->sn;
}
d02b48c6 | 330 | |
/*
 * Return the long name registered for NID |n|, or NULL when OBJ_nid2obj()
 * cannot resolve the NID.
 */
const char *OBJ_nid2ln(int n)
{
    const ASN1_OBJECT *ob = OBJ_nid2obj(n);

    if (ob == NULL)
        return NULL;
    return ob->ln;
}
337 | ||
/*
 * bsearch comparator on encoded OID content: shorter encodings sort first,
 * equal lengths are ordered by memcmp().  Two zero-length encodings compare
 * equal without touching their data pointers.
 */
static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp)
{
    const ASN1_OBJECT *key = *ap;
    const ASN1_OBJECT *entry = &nid_objs[*bp];
    int diff = key->length - entry->length;

    if (diff != 0)
        return diff;
    if (key->length == 0)
        return 0;
    return memcmp(key->data, entry->data, key->length);
}

IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
babb3798 | 353 | |
/*
 * Map an object to its NID.
 *
 * An object that already carries a NID returns it directly.  Otherwise the
 * encoded data is searched first in the built-in table and then, under the
 * read lock, in the |added| table.  |lock| is zero when the caller already
 * holds the table lock.
 * Returns NID_undef for a NULL or empty object, when nothing matches, or
 * when the lock cannot be taken.
 */
static int ossl_obj_obj2nid(const ASN1_OBJECT *a, const int lock)
{
    const unsigned int *builtin;
    ADDED_OBJ key, *hit;
    int nid = NID_undef;

    if (a == NULL)
        return NID_undef;
    if (a->nid != NID_undef)
        return a->nid;
    if (a->length == 0)
        return NID_undef;

    builtin = OBJ_bsearch_obj(&a, obj_objs, NUM_OBJ);
    if (builtin != NULL)
        return nid_objs[*builtin].nid;

    if (!ossl_obj_read_lock(lock)) {
        ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_READ_LOCK);
        return NID_undef;
    }
    if (added != NULL) {
        key.type = ADDED_DATA;
        /* The key is only read during the lookup, so the cast is harmless. */
        key.obj = (ASN1_OBJECT *)a;
        hit = lh_ADDED_OBJ_retrieve(added, &key);
        if (hit != NULL)
            nid = hit->obj->nid;
    }
    ossl_obj_unlock(lock);
    return nid;
}
384 | ||
/*
 * Convert text into an ASN1_OBJECT.
 *
 * Unless |no_name| is set, |s| is first tried as a short name and then as a
 * long name; if neither matches it must start with a digit.  The dotted
 * numeric form is then encoded and decoded into a new object, so unlike
 * OBJ_txt2nid() this works for any OID, not just registered ones.
 * |s| must not be NULL.  Returns NULL on failure.
 */
ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
{
    ASN1_OBJECT *result = NULL;
    unsigned char *der;
    unsigned char *wr;
    const unsigned char *rd;
    int content_len, total_len;
    int nid = NID_undef;

    if (!no_name) {
        nid = OBJ_sn2nid(s);
        if (nid == NID_undef)
            nid = OBJ_ln2nid(s);
        if (nid != NID_undef)
            return OBJ_nid2obj(nid);

        if (!ossl_isdigit(*s)) {
            ERR_raise(ERR_LIB_OBJ, OBJ_R_UNKNOWN_OBJECT_NAME);
            return NULL;
        }
    }

    /* Dry run: how many content octets does the dotted form need? */
    content_len = a2d_ASN1_OBJECT(NULL, 0, s, -1);
    if (content_len <= 0)
        return NULL;

    /* Add the tag and length octets. */
    total_len = ASN1_object_size(0, content_len, V_ASN1_OBJECT);
    if (total_len < 0)
        return NULL;

    der = OPENSSL_malloc(total_len);
    if (der == NULL)
        return NULL;

    wr = der;
    /* Header first, then the content octets right behind it. */
    ASN1_put_object(&wr, 0, content_len, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
    /* NOTE(review): the result of this second conversion is not checked. */
    a2d_ASN1_OBJECT(wr, content_len, s, -1);

    rd = der;
    result = d2i_ASN1_OBJECT(NULL, &rd, total_len);
    OPENSSL_free(der);
    return result;
}
d02b48c6 | 435 | |
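/*
 * Write the text form of |a| into |buf| (at most |buf_len| bytes including
 * the terminating NUL).
 *
 * Unless |no_name| is set, a registered long name (or else short name) is
 * used; otherwise the dotted numeric form is produced.  |buf| may be NULL
 * to obtain only the length.
 * Returns the length of the full text form, which can exceed what fitted
 * into |buf|; 0 if |a| or its data is NULL; -1 on a malformed or oversized
 * encoding or an allocation failure.
 */
int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
{
    int i, n = 0, len, nid, first, use_bn;
    BIGNUM *bl;
    unsigned long l;
    const unsigned char *p;
    char tbuf[DECIMAL_SIZE(i) + DECIMAL_SIZE(l) + 2];
    const char *s;

    /*
     * Two of the copies below pass |buf_len| to OPENSSL_strlcpy() without
     * checking its sign.  A negative value would be converted to a huge
     * size_t there, so treat it as "no room" instead.
     */
    if (buf_len < 0)
        buf_len = 0;

    /* Ensure that, at every state, |buf| is NUL-terminated. */
    if (buf != NULL && buf_len > 0)
        buf[0] = '\0';

    if (a == NULL || a->data == NULL)
        return 0;

    if (!no_name && (nid = OBJ_obj2nid(a)) != NID_undef) {
        s = OBJ_nid2ln(nid);
        if (s == NULL)
            s = OBJ_nid2sn(nid);
        if (s != NULL) {
            if (buf != NULL)
                OPENSSL_strlcpy(buf, s, buf_len);
            return (int)strlen(s);
        }
    }

    len = a->length;
    p = a->data;

    first = 1;
    bl = NULL;

    /*
     * RFC 2578 (STD 58) says this about OBJECT IDENTIFIERs:
     *
     * > 3.5. OBJECT IDENTIFIER values
     * >
     * > An OBJECT IDENTIFIER value is an ordered list of non-negative
     * > numbers. For the SMIv2, each number in the list is referred to as a
     * > sub-identifier, there are at most 128 sub-identifiers in a value,
     * > and each sub-identifier has a maximum value of 2^32-1 (4294967295
     * > decimal).
     *
     * So a legitimate OID according to this RFC is at most (32 * 128 / 7),
     * i.e. 586 bytes long.
     *
     * Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
     *
     * Rejecting longer encodings here also bounds how large a
     * sub-identifier the BIGNUM path below can be asked to convert.
     */
    if (len > 586)
        goto err;

    while (len > 0) {
        l = 0;
        use_bn = 0;
        /* Decode one base-128 sub-identifier; 0x80 marks "more follows". */
        for (;;) {
            unsigned char c = *p++;

            len--;
            /* The last byte of the encoding must end a sub-identifier. */
            if (len == 0 && (c & 0x80) != 0)
                goto err;
            if (use_bn) {
                if (!BN_add_word(bl, c & 0x7f))
                    goto err;
            } else {
                l |= c & 0x7f;
            }
            if ((c & 0x80) == 0)
                break;
            /* Switch to a BIGNUM before the next shift would overflow |l|. */
            if (!use_bn && l > (ULONG_MAX >> 7L)) {
                if (bl == NULL && (bl = BN_new()) == NULL)
                    goto err;
                if (!BN_set_word(bl, l))
                    goto err;
                use_bn = 1;
            }
            if (use_bn) {
                if (!BN_lshift(bl, bl, 7))
                    goto err;
            } else {
                l <<= 7L;
            }
        }

        if (first) {
            /* The first sub-identifier packs the first two arcs: 40*X + Y. */
            first = 0;
            if (l >= 80) {
                i = 2;
                if (use_bn) {
                    if (!BN_sub_word(bl, 80))
                        goto err;
                } else {
                    l -= 80;
                }
            } else {
                i = (int)(l / 40);
                l -= (long)(i * 40);
            }
            if (buf != NULL && buf_len > 1) {
                *buf++ = i + '0';
                *buf = '\0';
                buf_len--;
            }
            n++;
        }

        if (use_bn) {
            char *bndec;

            bndec = BN_bn2dec(bl);
            if (!bndec)
                goto err;
            i = strlen(bndec);
            if (buf != NULL) {
                if (buf_len > 1) {
                    *buf++ = '.';
                    *buf = '\0';
                    buf_len--;
                }
                OPENSSL_strlcpy(buf, bndec, buf_len);
                if (i > buf_len) {
                    buf += buf_len;
                    buf_len = 0;
                } else {
                    buf += i;
                    buf_len -= i;
                }
            }
            /* Count the '.' and the digits whether or not they fitted. */
            n++;
            n += i;
            OPENSSL_free(bndec);
        } else {
            BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
            i = strlen(tbuf);
            if (buf && buf_len > 0) {
                OPENSSL_strlcpy(buf, tbuf, buf_len);
                if (i > buf_len) {
                    buf += buf_len;
                    buf_len = 0;
                } else {
                    buf += i;
                    buf_len -= i;
                }
            }
            n += i;
            l = 0;
        }
    }

    BN_free(bl);
    return n;

 err:
    BN_free(bl);
    return -1;
}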
591 | ||
/*
 * Resolve a name or dotted OID string to a NID.
 * Returns NID_undef when the text cannot be converted or the resulting
 * object has no NID.  The temporary object is freed before returning.
 */
int OBJ_txt2nid(const char *s)
{
    ASN1_OBJECT *tmp = OBJ_txt2obj(s, 0);
    int nid;

    if (tmp == NULL)
        return NID_undef;

    nid = OBJ_obj2nid(tmp);
    ASN1_OBJECT_free(tmp);
    return nid;
}
603 | ||
/*
 * Look up a NID by long name: built-in table first, then the |added| table
 * under the read lock.
 * |s| must not be NULL.  Returns NID_undef when the name is unknown or the
 * lock cannot be taken.
 */
int OBJ_ln2nid(const char *s)
{
    ASN1_OBJECT probe;
    const ASN1_OBJECT *probe_ptr = &probe;
    const unsigned int *builtin;
    ADDED_OBJ key, *hit;
    int nid = NID_undef;

    /* Only the ln field of |probe| is read by the comparators. */
    probe.ln = s;
    builtin = OBJ_bsearch_ln(&probe_ptr, ln_objs, NUM_LN);
    if (builtin != NULL)
        return nid_objs[*builtin].nid;

    if (!ossl_obj_read_lock(1)) {
        ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_READ_LOCK);
        return NID_undef;
    }
    if (added != NULL) {
        key.type = ADDED_LNAME;
        key.obj = &probe;
        hit = lh_ADDED_OBJ_retrieve(added, &key);
        if (hit != NULL)
            nid = hit->obj->nid;
    }
    ossl_obj_unlock(1);
    return nid;
}
d02b48c6 | 630 | |
/*
 * Look up a NID by short name: built-in table first, then the |added|
 * table under the read lock.
 * |s| must not be NULL.  Returns NID_undef when the name is unknown or the
 * lock cannot be taken.
 */
int OBJ_sn2nid(const char *s)
{
    ASN1_OBJECT probe;
    const ASN1_OBJECT *probe_ptr = &probe;
    const unsigned int *builtin;
    ADDED_OBJ key, *hit;
    int nid = NID_undef;

    /* Only the sn field of |probe| is read by the comparators. */
    probe.sn = s;
    builtin = OBJ_bsearch_sn(&probe_ptr, sn_objs, NUM_SN);
    if (builtin != NULL)
        return nid_objs[*builtin].nid;

    if (!ossl_obj_read_lock(1)) {
        ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_READ_LOCK);
        return NID_undef;
    }
    if (added != NULL) {
        key.type = ADDED_SNAME;
        key.obj = &probe;
        hit = lh_ADDED_OBJ_retrieve(added, &key);
        if (hit != NULL)
            nid = hit->obj->nid;
    }
    ossl_obj_unlock(1);
    return nid;
}
d02b48c6 | 657 | |
/*
 * Binary search with no flags set; forwards to OBJ_bsearch_ex_() and
 * returns its result.
 */
const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
                         int (*cmp) (const void *, const void *))
{
    const void *found = OBJ_bsearch_ex_(key, base, num, size, cmp, 0);

    return found;
}
ea5240a5 | 663 | |
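/*
 * Search |base| (|num| elements of |size| bytes) for |key| using |cmp|,
 * passing |flags| through to ossl_bsearch().
 * Returns a pointer to the selected element, or NULL if none was found.
 */
const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
                            int size,
                            int (*cmp) (const void *, const void *),
                            int flags)
{
    const char *p = ossl_bsearch(key, base, num, size, cmp, flags);

#ifdef CHARSET_EBCDIC
    /*
     * THIS IS A KLUDGE - the *_obj tables are sorted in ASCII order, so on
     * EBCDIC platforms we revert to a *LINEAR* search when the binary search
     * did not find the object.
     *
     * The scan uses its own cursor.  Reusing |p| as the cursor left it
     * pointing at the last element after an unsuccessful scan, so a miss
     * was reported as a hit on that element.
     */
    if (p == NULL) {
        const char *base_ = base;
        int i;

        for (i = 0; i < num; ++i) {
            const char *candidate = &(base_[i * size]);
            int c = (*cmp) (key, candidate);

            if (c == 0
                    || (c < 0 && (flags & OBJ_BSEARCH_VALUE_ON_NOMATCH)))
                return candidate;
        }
    }
#endif
    return p;
}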
d02b48c6 | 692 | |
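/*
 * Read object definitions from the BIO |in| and register each of them with
 * OBJ_create().
 *
 * Line format: <OID: digits and '.'><isspace><SN><isspace><LN>
 * The short name ends at the first whitespace; the long name is the rest of
 * the line.  Both names are optional.
 *
 * Reading stops at end of input, at a line that does not start with an
 * alphanumeric character, at a line with an empty OID, or at the first
 * object that cannot be created.  Returns the number of objects created.
 */
int OBJ_create_objects(BIO *in)
{
    char buf[512];
    int i, num = 0;

    for (;;) {
        /*
         * All three fields are reset for every line.  The long-name pointer
         * used to survive from the previous line, so a line with no long
         * name was registered with stale bytes left in |buf|.
         */
        char *o, *s = NULL, *l = NULL;
        char *cur;

        i = BIO_gets(in, buf, sizeof(buf));
        if (i <= 0)
            return num;
        /*
         * Drop the line terminator.
         * NOTE(review): the last byte is overwritten unconditionally, so a
         * line with no trailing newline loses its final character.
         */
        buf[i - 1] = '\0';
        if (!ossl_isalnum(buf[0]))
            return num;

        /* Field 1: the numeric OID. */
        o = cur = buf;
        while (ossl_isdigit(*cur) || *cur == '.')
            cur++;

        if (*cur != '\0') {
            *(cur++) = '\0';
            while (ossl_isspace(*cur))
                cur++;
            if (*cur != '\0') {
                /* Field 2: the short name, up to the next whitespace. */
                s = cur;
                while (*cur != '\0' && !ossl_isspace(*cur))
                    cur++;
                if (*cur != '\0') {
                    *(cur++) = '\0';
                    while (ossl_isspace(*cur))
                        cur++;
                    /* Field 3: the long name, the rest of the line. */
                    if (*cur != '\0')
                        l = cur;
                }
            }
        }

        if (*o == '\0')
            return num;
        if (!OBJ_create(o, s, l))
            return num;
        num++;
    }
}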
58964a49 | 745 | |
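/*
 * Register a new object from a dotted OID string and/or names.
 *
 * Any of |oid|, |sn| and |ln| may be NULL, but not all three.  The call
 * fails if either name or the OID is already registered.
 * Returns the NID assigned to the new object, or 0 on failure.
 */
int OBJ_create(const char *oid, const char *sn, const char *ln)
{
    ASN1_OBJECT *tmpoid = NULL;
    int ok = 0;

    /* With no arguments at all, nothing can be done */
    if (oid == NULL && sn == NULL && ln == NULL) {
        ERR_raise(ERR_LIB_OBJ, ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }

    /*
     * Check to see if short or long name already present.
     * NOTE(review): these lookups finish before the write lock below is
     * taken, so two concurrent callers could both pass them - confirm
     * whether that window matters for callers.
     */
    if ((sn != NULL && OBJ_sn2nid(sn) != NID_undef)
            || (ln != NULL && OBJ_ln2nid(ln) != NID_undef)) {
        ERR_raise(ERR_LIB_OBJ, OBJ_R_OID_EXISTS);
        return 0;
    }

    if (oid != NULL) {
        /* Convert numerical OID string to an ASN1_OBJECT structure */
        tmpoid = OBJ_txt2obj(oid, 1);
        if (tmpoid == NULL)
            return 0;
    } else {
        /* Create a no-OID ASN1_OBJECT */
        tmpoid = ASN1_OBJECT_new();
        /*
         * The allocation can fail; without this check |tmpoid| would be
         * dereferenced below when the NID is assigned.
         */
        if (tmpoid == NULL) {
            ERR_raise(ERR_LIB_OBJ, ERR_R_ASN1_LIB);
            return 0;
        }
    }

    if (!ossl_obj_write_lock(1)) {
        ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_WRITE_LOCK);
        ASN1_OBJECT_free(tmpoid);
        return 0;
    }

    /* If NID is not NID_undef then object already exists */
    if (oid != NULL
            && ossl_obj_obj2nid(tmpoid, 0) != NID_undef) {
        ERR_raise(ERR_LIB_OBJ, OBJ_R_OID_EXISTS);
        goto err;
    }

    tmpoid->nid = OBJ_new_nid(1);
    if (tmpoid->nid == NID_undef)
        goto err;

    /*
     * Lend the caller's strings to |tmpoid| while it is registered, then
     * detach them again before |tmpoid| is freed below.
     */
    tmpoid->sn = (char *)sn;
    tmpoid->ln = (char *)ln;

    ok = ossl_obj_add_object(tmpoid, 0);

    tmpoid->sn = NULL;
    tmpoid->ln = NULL;

 err:
    ossl_obj_unlock(1);
    ASN1_OBJECT_free(tmpoid);
    return ok;
}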
2e430277 DSH |
804 | |
/* Return the length field of |obj|, or 0 when |obj| is NULL. */
size_t OBJ_length(const ASN1_OBJECT *obj)
{
    return obj == NULL ? 0 : obj->length;
}
811 | ||
/*
 * Return the data pointer of |obj| without copying it, or NULL when |obj|
 * is NULL.
 */
const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj)
{
    return obj == NULL ? NULL : obj->data;
}
397065c6 | 818 | |
/*
 * Public entry point for registering a copy of |obj|; the table write lock
 * is taken internally.  Returns the object's NID, or NID_undef on failure.
 */
int OBJ_add_object(const ASN1_OBJECT *obj)
{
    int nid = ossl_obj_add_object(obj, 1);

    return nid;
}
823 | ||
/*
 * Public entry point for mapping an object to its NID; the table read lock
 * is taken internally when the added table has to be searched.  Returns
 * NID_undef when the object is not known.
 */
int OBJ_obj2nid(const ASN1_OBJECT *a)
{
    int nid = ossl_obj_obj2nid(a, 1);

    return nid;
}