2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "crypto/ctype.h"
13 #include "internal/cryptlib.h"
14 #include <openssl/lhash.h>
15 #include <openssl/asn1.h>
16 #include "crypto/objects.h"
17 #include <openssl/bn.h>
18 #include "crypto/asn1.h"
19 #include "obj_local.h"
21 /* obj_dat.h is generated from objects.h by obj_dat.pl */
24 DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT
*, unsigned int, sn
);
25 DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT
*, unsigned int, ln
);
26 DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT
*, unsigned int, obj
);
38 static int new_nid
= NUM_NID
;
39 static LHASH_OF(ADDED_OBJ
) *added
= NULL
;
41 static int sn_cmp(const ASN1_OBJECT
*const *a
, const unsigned int *b
)
43 return strcmp((*a
)->sn
, nid_objs
[*b
].sn
);
46 IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT
*, unsigned int, sn
);
48 static int ln_cmp(const ASN1_OBJECT
*const *a
, const unsigned int *b
)
50 return strcmp((*a
)->ln
, nid_objs
[*b
].ln
);
53 IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT
*, unsigned int, ln
);
55 static unsigned long added_obj_hash(const ADDED_OBJ
*ca
)
59 unsigned long ret
= 0;
65 ret
= a
->length
<< 20L;
66 p
= (unsigned char *)a
->data
;
67 for (i
= 0; i
< a
->length
; i
++)
68 ret
^= p
[i
] << ((i
* 3) % 24);
71 ret
= OPENSSL_LH_strhash(a
->sn
);
74 ret
= OPENSSL_LH_strhash(a
->ln
);
84 ret
|= ((unsigned long)ca
->type
) << 30L;
88 static int added_obj_cmp(const ADDED_OBJ
*ca
, const ADDED_OBJ
*cb
)
93 i
= ca
->type
- cb
->type
;
100 i
= (a
->length
- b
->length
);
103 return memcmp(a
->data
, b
->data
, (size_t)a
->length
);
107 else if (b
->sn
== NULL
)
110 return strcmp(a
->sn
, b
->sn
);
114 else if (b
->ln
== NULL
)
117 return strcmp(a
->ln
, b
->ln
);
119 return a
->nid
- b
->nid
;
126 static int init_added(void)
130 added
= lh_ADDED_OBJ_new(added_obj_hash
, added_obj_cmp
);
131 return added
!= NULL
;
134 static void cleanup1_doall(ADDED_OBJ
*a
)
137 a
->obj
->flags
|= ASN1_OBJECT_FLAG_DYNAMIC
|
138 ASN1_OBJECT_FLAG_DYNAMIC_STRINGS
| ASN1_OBJECT_FLAG_DYNAMIC_DATA
;
141 static void cleanup2_doall(ADDED_OBJ
*a
)
146 static void cleanup3_doall(ADDED_OBJ
*a
)
148 if (--a
->obj
->nid
== 0)
149 ASN1_OBJECT_free(a
->obj
);
153 void obj_cleanup_int(void)
157 lh_ADDED_OBJ_set_down_load(added
, 0);
158 lh_ADDED_OBJ_doall(added
, cleanup1_doall
); /* zero counters */
159 lh_ADDED_OBJ_doall(added
, cleanup2_doall
); /* set counters */
160 lh_ADDED_OBJ_doall(added
, cleanup3_doall
); /* free objects */
161 lh_ADDED_OBJ_free(added
);
165 int OBJ_new_nid(int num
)
174 int OBJ_add_object(const ASN1_OBJECT
*obj
)
177 ADDED_OBJ
*ao
[4] = { NULL
, NULL
, NULL
, NULL
}, *aop
;
183 if ((o
= OBJ_dup(obj
)) == NULL
)
185 if ((ao
[ADDED_NID
] = OPENSSL_malloc(sizeof(*ao
[0]))) == NULL
)
187 if ((o
->length
!= 0) && (obj
->data
!= NULL
))
188 if ((ao
[ADDED_DATA
] = OPENSSL_malloc(sizeof(*ao
[0]))) == NULL
)
191 if ((ao
[ADDED_SNAME
] = OPENSSL_malloc(sizeof(*ao
[0]))) == NULL
)
194 if ((ao
[ADDED_LNAME
] = OPENSSL_malloc(sizeof(*ao
[0]))) == NULL
)
197 for (i
= ADDED_DATA
; i
<= ADDED_NID
; i
++) {
201 aop
= lh_ADDED_OBJ_insert(added
, ao
[i
]);
202 /* memory leak, but should not normally matter */
207 ~(ASN1_OBJECT_FLAG_DYNAMIC
| ASN1_OBJECT_FLAG_DYNAMIC_STRINGS
|
208 ASN1_OBJECT_FLAG_DYNAMIC_DATA
);
212 OBJerr(OBJ_F_OBJ_ADD_OBJECT
, ERR_R_MALLOC_FAILURE
);
214 for (i
= ADDED_DATA
; i
<= ADDED_NID
; i
++)
220 ASN1_OBJECT
*OBJ_nid2obj(int n
)
225 if ((n
>= 0) && (n
< NUM_NID
)) {
226 if ((n
!= NID_undef
) && (nid_objs
[n
].nid
== NID_undef
)) {
227 OBJerr(OBJ_F_OBJ_NID2OBJ
, OBJ_R_UNKNOWN_NID
);
230 return (ASN1_OBJECT
*)&(nid_objs
[n
]);
233 /* Make sure we've loaded config before checking for any "added" objects */
234 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG
, NULL
);
242 adp
= lh_ADDED_OBJ_retrieve(added
, &ad
);
246 OBJerr(OBJ_F_OBJ_NID2OBJ
, OBJ_R_UNKNOWN_NID
);
250 const char *OBJ_nid2sn(int n
)
255 if ((n
>= 0) && (n
< NUM_NID
)) {
256 if ((n
!= NID_undef
) && (nid_objs
[n
].nid
== NID_undef
)) {
257 OBJerr(OBJ_F_OBJ_NID2SN
, OBJ_R_UNKNOWN_NID
);
260 return nid_objs
[n
].sn
;
263 /* Make sure we've loaded config before checking for any "added" objects */
264 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG
, NULL
);
272 adp
= lh_ADDED_OBJ_retrieve(added
, &ad
);
276 OBJerr(OBJ_F_OBJ_NID2SN
, OBJ_R_UNKNOWN_NID
);
280 const char *OBJ_nid2ln(int n
)
285 if ((n
>= 0) && (n
< NUM_NID
)) {
286 if ((n
!= NID_undef
) && (nid_objs
[n
].nid
== NID_undef
)) {
287 OBJerr(OBJ_F_OBJ_NID2LN
, OBJ_R_UNKNOWN_NID
);
290 return nid_objs
[n
].ln
;
293 /* Make sure we've loaded config before checking for any "added" objects */
294 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG
, NULL
);
302 adp
= lh_ADDED_OBJ_retrieve(added
, &ad
);
306 OBJerr(OBJ_F_OBJ_NID2LN
, OBJ_R_UNKNOWN_NID
);
310 static int obj_cmp(const ASN1_OBJECT
*const *ap
, const unsigned int *bp
)
313 const ASN1_OBJECT
*a
= *ap
;
314 const ASN1_OBJECT
*b
= &nid_objs
[*bp
];
316 j
= (a
->length
- b
->length
);
321 return memcmp(a
->data
, b
->data
, a
->length
);
324 IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT
*, unsigned int, obj
);
326 int OBJ_obj2nid(const ASN1_OBJECT
*a
)
328 const unsigned int *op
;
339 /* Make sure we've loaded config before checking for any "added" objects */
340 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG
, NULL
);
343 ad
.type
= ADDED_DATA
;
344 ad
.obj
= (ASN1_OBJECT
*)a
; /* XXX: ugly but harmless */
345 adp
= lh_ADDED_OBJ_retrieve(added
, &ad
);
347 return adp
->obj
->nid
;
349 op
= OBJ_bsearch_obj(&a
, obj_objs
, NUM_OBJ
);
352 return nid_objs
[*op
].nid
;
356 * Convert an object name into an ASN1_OBJECT if "noname" is not set then
357 * search for short and long names first. This will convert the "dotted" form
358 * into an object: unlike OBJ_txt2nid it can be used with any objects, not
359 * just registered ones.
362 ASN1_OBJECT
*OBJ_txt2obj(const char *s
, int no_name
)
368 const unsigned char *cp
;
372 if (((nid
= OBJ_sn2nid(s
)) != NID_undef
) ||
373 ((nid
= OBJ_ln2nid(s
)) != NID_undef
))
374 return OBJ_nid2obj(nid
);
375 if (!ossl_isdigit(*s
)) {
376 OBJerr(OBJ_F_OBJ_TXT2OBJ
, OBJ_R_UNKNOWN_OBJECT_NAME
);
381 /* Work out size of content octets */
382 i
= a2d_ASN1_OBJECT(NULL
, 0, s
, -1);
384 /* Don't clear the error */
390 /* Work out total size */
391 j
= ASN1_object_size(0, i
, V_ASN1_OBJECT
);
395 if ((buf
= OPENSSL_malloc(j
)) == NULL
) {
396 OBJerr(OBJ_F_OBJ_TXT2OBJ
, ERR_R_MALLOC_FAILURE
);
401 /* Write out tag+length */
402 ASN1_put_object(&p
, 0, i
, V_ASN1_OBJECT
, V_ASN1_UNIVERSAL
);
403 /* Write out contents */
404 a2d_ASN1_OBJECT(p
, i
, s
, -1);
407 op
= d2i_ASN1_OBJECT(NULL
, &cp
, j
);
412 int OBJ_obj2txt(char *buf
, int buf_len
, const ASN1_OBJECT
*a
, int no_name
)
414 int i
, n
= 0, len
, nid
, first
, use_bn
;
417 const unsigned char *p
;
418 char tbuf
[DECIMAL_SIZE(i
) + DECIMAL_SIZE(l
) + 2];
420 /* Ensure that, at every state, |buf| is NUL-terminated. */
421 if (buf
&& buf_len
> 0)
424 if ((a
== NULL
) || (a
->data
== NULL
))
427 if (!no_name
&& (nid
= OBJ_obj2nid(a
)) != NID_undef
) {
434 OPENSSL_strlcpy(buf
, s
, buf_len
);
450 unsigned char c
= *p
++;
452 if ((len
== 0) && (c
& 0x80))
455 if (!BN_add_word(bl
, c
& 0x7f))
461 if (!use_bn
&& (l
> (ULONG_MAX
>> 7L))) {
462 if (bl
== NULL
&& (bl
= BN_new()) == NULL
)
464 if (!BN_set_word(bl
, l
))
469 if (!BN_lshift(bl
, bl
, 7))
480 if (!BN_sub_word(bl
, 80))
488 if (buf
&& (buf_len
> 1)) {
498 bndec
= BN_bn2dec(bl
);
508 OPENSSL_strlcpy(buf
, bndec
, buf_len
);
521 BIO_snprintf(tbuf
, sizeof(tbuf
), ".%lu", l
);
523 if (buf
&& (buf_len
> 0)) {
524 OPENSSL_strlcpy(buf
, tbuf
, buf_len
);
546 int OBJ_txt2nid(const char *s
)
550 obj
= OBJ_txt2obj(s
, 0);
551 nid
= OBJ_obj2nid(obj
);
552 ASN1_OBJECT_free(obj
);
556 int OBJ_ln2nid(const char *s
)
559 const ASN1_OBJECT
*oo
= &o
;
561 const unsigned int *op
;
563 /* Make sure we've loaded config before checking for any "added" objects */
564 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG
, NULL
);
568 ad
.type
= ADDED_LNAME
;
570 adp
= lh_ADDED_OBJ_retrieve(added
, &ad
);
572 return adp
->obj
->nid
;
574 op
= OBJ_bsearch_ln(&oo
, ln_objs
, NUM_LN
);
577 return nid_objs
[*op
].nid
;
580 int OBJ_sn2nid(const char *s
)
583 const ASN1_OBJECT
*oo
= &o
;
585 const unsigned int *op
;
587 /* Make sure we've loaded config before checking for any "added" objects */
588 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG
, NULL
);
592 ad
.type
= ADDED_SNAME
;
594 adp
= lh_ADDED_OBJ_retrieve(added
, &ad
);
596 return adp
->obj
->nid
;
598 op
= OBJ_bsearch_sn(&oo
, sn_objs
, NUM_SN
);
601 return nid_objs
[*op
].nid
;
604 const void *OBJ_bsearch_(const void *key
, const void *base
, int num
, int size
,
605 int (*cmp
) (const void *, const void *))
607 return OBJ_bsearch_ex_(key
, base
, num
, size
, cmp
, 0);
610 const void *OBJ_bsearch_ex_(const void *key
, const void *base
, int num
,
612 int (*cmp
) (const void *, const void *),
615 const char *p
= ossl_bsearch(key
, base
, num
, size
, cmp
, flags
);
617 #ifdef CHARSET_EBCDIC
619 * THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and I
620 * don't have perl (yet), we revert to a *LINEAR* search when the object
621 * wasn't found in the binary search.
624 const char *base_
= base
;
625 int l
, h
, i
= 0, c
= 0;
627 for (i
= 0; i
< num
; ++i
) {
628 p
= &(base_
[i
* size
]);
631 || (c
< 0 && (flags
& OBJ_BSEARCH_VALUE_ON_NOMATCH
)))
640 * Parse a BIO sink to create some extra oid's objects.
641 * Line format:<OID:isdigit or '.']><isspace><SN><isspace><LN>
643 int OBJ_create_objects(BIO
*in
)
647 char *o
, *s
, *l
= NULL
;
651 i
= BIO_gets(in
, buf
, 512);
655 if (!ossl_isalnum(buf
[0]))
658 while (ossl_isdigit(*s
) || *s
== '.')
662 while (ossl_isspace(*s
))
668 while (*l
!= '\0' && !ossl_isspace(*l
))
672 while (ossl_isspace(*l
))
686 if (!OBJ_create(o
, s
, l
))
692 int OBJ_create(const char *oid
, const char *sn
, const char *ln
)
694 ASN1_OBJECT
*tmpoid
= NULL
;
697 /* Check to see if short or long name already present */
698 if ((sn
!= NULL
&& OBJ_sn2nid(sn
) != NID_undef
)
699 || (ln
!= NULL
&& OBJ_ln2nid(ln
) != NID_undef
)) {
700 OBJerr(OBJ_F_OBJ_CREATE
, OBJ_R_OID_EXISTS
);
704 /* Convert numerical OID string to an ASN1_OBJECT structure */
705 tmpoid
= OBJ_txt2obj(oid
, 1);
709 /* If NID is not NID_undef then object already exists */
710 if (OBJ_obj2nid(tmpoid
) != NID_undef
) {
711 OBJerr(OBJ_F_OBJ_CREATE
, OBJ_R_OID_EXISTS
);
715 tmpoid
->nid
= OBJ_new_nid(1);
716 tmpoid
->sn
= (char *)sn
;
717 tmpoid
->ln
= (char *)ln
;
719 ok
= OBJ_add_object(tmpoid
);
725 ASN1_OBJECT_free(tmpoid
);
729 size_t OBJ_length(const ASN1_OBJECT
*obj
)
736 const unsigned char *OBJ_get0_data(const ASN1_OBJECT
*obj
)