From 77332083b8d4a3bc1b1bf39326a0fee5747ca1eb Mon Sep 17 00:00:00 2001
From: Alberto Leiva Popper <ydahhrk@gmail.com>
Date: Thu, 16 May 2024 12:42:31 -0600
Subject: [PATCH] Merge some duplicate code

New rule: BIOs no longer allowed in ASN1 JSON functions outside of
libcrypto_util.c.
---
 src/asn1/asn1c/Certificate.c | 35 ++++++---------------
 src/libcrypto_util.c         | 59 +++++++++++++++++-------------------
 src/libcrypto_util.h         |  3 +-
 3 files changed, 38 insertions(+), 59 deletions(-)

diff --git a/src/asn1/asn1c/Certificate.c b/src/asn1/asn1c/Certificate.c
index 76cb7e2f..df6542c4 100644
--- a/src/asn1/asn1c/Certificate.c
+++ b/src/asn1/asn1c/Certificate.c
@@ -1,7 +1,6 @@
 #include "asn1/asn1c/Certificate.h"
 
 #include <openssl/x509v3.h>
-#include <openssl/pem.h>
 
 #include "extension.h"
 #include "json_util.h"
@@ -34,39 +33,25 @@ static json_t *
 pk2json(X509 const *x)
 {
 	json_t *root;
-	ASN1_OBJECT *xpoid;
-	EVP_PKEY *pkey;
-	BIO *bio;
+	json_t *child;
+	X509_PUBKEY *pubkey;
+	ASN1_OBJECT *oid;
 
 	root = json_obj_new();
 	if (root == NULL)
 		return NULL;
 
-	/* algorithm */
-	if (!X509_PUBKEY_get0_param(&xpoid, NULL, NULL, NULL, X509_get_X509_PUBKEY(x)))
-		goto fail;
-	bio = BIO_new(BIO_s_mem());
-	if (bio == NULL)
-		goto fail;
-	if (i2a_ASN1_OBJECT(bio, xpoid) <= 0) {
-		BIO_free_all(bio);
+	pubkey = X509_get_X509_PUBKEY(x);
+	if (pubkey == NULL)
 		goto fail;
-	}
-	if (json_object_add(root, "algorithm", bio2json(bio)))
+	if (!X509_PUBKEY_get0_param(&oid, NULL, NULL, NULL, pubkey))
 		goto fail;
 
-	/* Actual pk */
-	pkey = X509_get0_pubkey(x);
-	if (pkey == NULL)
-		goto fail;
-	bio = BIO_new(BIO_s_mem());
-	if (bio == NULL)
-		goto fail;
-	if (PEM_write_bio_PUBKEY(bio, pkey) <= 0) {
-		BIO_free_all(bio);
+	child = oid2json(oid);
+	if (json_object_add(root, "algorithm", child))
 		goto fail;
-	}
-	if (json_object_add(root, "subjectPublicKey", bio2json(bio)))
+	child = pubkey2json(X509_PUBKEY_get0(pubkey));
+	if (json_object_add(root, "subjectPublicKey", child))
 		goto fail;
 
 	return root;
diff --git a/src/libcrypto_util.c b/src/libcrypto_util.c
index 3717ae11..2608f5f7 100644
--- a/src/libcrypto_util.c
+++ b/src/libcrypto_util.c
@@ -3,28 +3,15 @@
 #include <stdlib.h>
 #include <openssl/asn1.h>
 #include <openssl/opensslv.h>
+#include <openssl/pem.h>
 
 #include "alloc.h"
 #include "extension.h"
 #include "json_util.h"
+#include "asn1/asn1c/OBJECT_IDENTIFIER.h"
 
 /* Swallows @bio. */
-char *
-bio2str(BIO *bio)
-{
-	BUF_MEM *buffer;
-	char *str;
-
-	str = (BIO_get_mem_ptr(bio, &buffer) > 0)
-	    ? pstrndup(buffer->data, buffer->length)
-	    : NULL;
-
-	BIO_free_all(bio);
-	return str;
-}
-
-/* Swallows @bio. */
-json_t *
+static json_t *
 bio2json(BIO *bio)
 {
 	BUF_MEM *buffer;
@@ -41,7 +28,10 @@ bio2json(BIO *bio)
 json_t *
 oid2json(ASN1_OBJECT const *oid)
 {
-	return oid ? json_str_new(OBJ_nid2sn(OBJ_obj2nid(oid))) : json_null();
+	char buf[OID_STR_MAXLEN];
+	return (oid != NULL)
+	     ? json_strn_new(buf, OBJ_obj2txt(buf, OID_STR_MAXLEN, oid, 0))
+	     : json_null();
 }
 
 json_t *
@@ -197,6 +187,25 @@ fail:	json_decref(parent);
 	return NULL;
 }
 
+json_t *
+pubkey2json(EVP_PKEY *pubkey)
+{
+	BIO *bio;
+
+	if (pubkey == NULL)
+		return NULL;
+
+	bio = BIO_new(BIO_s_mem());
+	if (bio == NULL)
+		return NULL;
+	if (PEM_write_bio_PUBKEY(bio, pubkey) <= 0) {
+		BIO_free_all(bio);
+		return NULL;
+	}
+
+	return bio2json(bio);
+}
+
 static json_t *
 ext2json_known(struct extension_metadata const *meta, X509_EXTENSION *ext)
 {
@@ -247,8 +256,6 @@ exts2json(const STACK_OF(X509_EXTENSION) *exts)
 	json_t *parent;
 	json_t *child;
 	X509_EXTENSION *ex;
-	BIO *bio;
-	char *name;
 	int i;
 
 	if (sk_X509_EXTENSION_num(exts) <= 0)
@@ -264,19 +271,7 @@ exts2json(const STACK_OF(X509_EXTENSION) *exts)
 
 		ex = sk_X509_EXTENSION_value(exts, i);
 
-		/* Get the extension name */
-		bio = BIO_new(BIO_s_mem());
-		if (bio == NULL)
-			goto fail;
-		if (i2a_ASN1_OBJECT(bio, X509_EXTENSION_get_object(ex)) <= 0) {
-			BIO_free_all(bio);
-			goto fail;
-		}
-
-		name = bio2str(bio);
-		child = json_str_new(name);
-		free(name);
-
+		child = oid2json(X509_EXTENSION_get_object(ex));
 		if (json_object_add(parent, "extnID", child))
 			goto fail;
 		child = json_boolean(X509_EXTENSION_get_critical(ex));
diff --git a/src/libcrypto_util.h b/src/libcrypto_util.h
index 3e464f99..4045021c 100644
--- a/src/libcrypto_util.h
+++ b/src/libcrypto_util.h
@@ -6,8 +6,6 @@
 #include <openssl/bio.h>
 #include <openssl/x509v3.h>
 
-char *bio2str(BIO *);
-json_t *bio2json(BIO *);
 json_t *oid2json(ASN1_OBJECT const *);
 json_t *asn1int2json(ASN1_INTEGER const *);
 json_t *asn1str2json(ASN1_STRING const *); /* octet string, bit string, etc */
@@ -15,6 +13,7 @@ json_t *asn1time2json(ASN1_TIME const *);
 json_t *name2json(X509_NAME const *);
 json_t *gn2json(GENERAL_NAME const *);
 json_t *gns2json(GENERAL_NAMES const *);
+json_t *pubkey2json(EVP_PKEY *); /* LibreSSL needs not const */
 json_t *exts2json(const STACK_OF(X509_EXTENSION) *);
 
 #endif /* SRC_LIBCRYPTO_UTIL_H_ */
-- 
2.47.2