Gitiles
Code Review Sign In
gerrit.openfyde.cn / boringssl.googlesource.com / boringssl / 2b2d66d4094e5c25789ce68310d86192c377c63b / . / crypto / obj / obj.c
blob: b04321b884d9bdf1b51ea201ff4183dc371b3233 [file] [log] [blame]
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
56
57#include <openssl/obj.h>
58
59#include <limits.h>
Adam Langley2b2d66d2015-01-30 17:08:37 -0800[diff] [blame^]60#include <string.h>
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]61
62#include <openssl/asn1.h>
63#include <openssl/buf.h>
64#include <openssl/bytestring.h>
65#include <openssl/err.h>
66#include <openssl/lhash.h>
67#include <openssl/mem.h>
68#include <openssl/thread.h>
69
David Benjamin8a5825e2014-08-30 21:33:54 -0400[diff] [blame]70#include "obj_dat.h"
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]71
72/* These globals are protected by CRYPTO_LOCK_OBJ. */
73static LHASH_OF(ASN1_OBJECT) *global_added_by_data = NULL;
74static LHASH_OF(ASN1_OBJECT) *global_added_by_nid = NULL;
75static LHASH_OF(ASN1_OBJECT) *global_added_by_short_name = NULL;
76static LHASH_OF(ASN1_OBJECT) *global_added_by_long_name = NULL;
77
78static unsigned global_next_nid = NUM_NID;
79
David Benjaminc44d2f42014-08-20 16:24:00 -0400[diff] [blame]80static int obj_next_nid(void) {
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]81 int ret;
82
83 CRYPTO_w_lock(CRYPTO_LOCK_OBJ);
84 ret = global_next_nid++;
85 CRYPTO_w_unlock(CRYPTO_LOCK_OBJ);
86
87 return ret;
88}
89
90ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) {
91 ASN1_OBJECT *r;
92 unsigned char *data = NULL;
93 char *sn = NULL, *ln = NULL;
94
95 if (o == NULL) {
96 return NULL;
97 }
98
99 if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
100 /* TODO(fork): this is a little dangerous. */
101 return (ASN1_OBJECT *)o;
102 }
103
104 r = ASN1_OBJECT_new();
105 if (r == NULL) {
106 OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_ASN1_LIB);
107 return NULL;
108 }
109 r->ln = r->sn = NULL;
110
111 data = OPENSSL_malloc(o->length);
112 if (data == NULL) {
113 goto err;
114 }
115 if (o->data != NULL) {
116 memcpy(data, o->data, o->length);
117 }
118
119 /* once data is attached to an object, it remains const */
120 r->data = data;
121 r->length = o->length;
122 r->nid = o->nid;
123
124 if (o->ln != NULL) {
125 ln = OPENSSL_strdup(o->ln);
126 if (ln == NULL) {
127 goto err;
128 }
129 }
130
131 if (o->sn != NULL) {
132 sn = OPENSSL_strdup(o->sn);
133 if (sn) {
134 goto err;
135 }
136 }
137
138 r->sn = sn;
139 r->ln = ln;
140
141 r->flags =
142 o->flags | (ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
143 ASN1_OBJECT_FLAG_DYNAMIC_DATA);
144 return r;
145
146err:
147 OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_MALLOC_FAILURE);
148 if (ln != NULL) {
149 OPENSSL_free(ln);
150 }
151 if (sn != NULL) {
152 OPENSSL_free(sn);
153 }
154 if (data != NULL) {
155 OPENSSL_free(data);
156 }
157 OPENSSL_free(r);
158 return NULL;
159}
160
161int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
162 int ret;
163
164 ret = a->length - b->length;
165 if (ret) {
166 return ret;
167 }
168 return memcmp(a->data, b->data, a->length);
169}
170
171/* nids_cmp is called to search the kNIDsInOIDOrder array. The |key| argument
172 * is an |ASN1_OBJECT|* that we're looking for and |element| is a pointer to an
173 * unsigned int in the array. */
174static int obj_cmp(const void *key, const void *element) {
175 int j;
176 unsigned nid = *((unsigned*) element);
177 const ASN1_OBJECT *a = key;
178 const ASN1_OBJECT *b = &kObjects[nid];
179
180 j = a->length - b->length;
181 if (j) {
182 return j;
183 }
184 return memcmp(a->data, b->data, a->length);
185}
186
187int OBJ_obj2nid(const ASN1_OBJECT *obj) {
188 const unsigned int *nid_ptr;
189
190 if (obj == NULL) {
191 return NID_undef;
192 }
193
194 if (obj->nid != 0) {
195 return obj->nid;
196 }
197
198 CRYPTO_r_lock(CRYPTO_LOCK_OBJ);
199 if (global_added_by_data != NULL) {
200 ASN1_OBJECT *match;
201
202 match = lh_ASN1_OBJECT_retrieve(global_added_by_data, obj);
203 if (match != NULL) {
204 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
205 return match->nid;
206 }
207 }
208 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
209
210 nid_ptr = bsearch(obj, kNIDsInOIDOrder, NUM_OBJ, sizeof(unsigned), obj_cmp);
211 if (nid_ptr == NULL) {
212 return NID_undef;
213 }
214
215 return kObjects[*nid_ptr].nid;
216}
217
218int OBJ_cbs2nid(const CBS *cbs) {
219 ASN1_OBJECT obj;
220 memset(&obj, 0, sizeof(obj));
221 obj.data = CBS_data(cbs);
222 obj.length = CBS_len(cbs);
223
224 return OBJ_obj2nid(&obj);
225}
226
227/* short_name_cmp is called to search the kNIDsInShortNameOrder array. The
228 * |key| argument is name that we're looking for and |element| is a pointer to
229 * an unsigned int in the array. */
230static int short_name_cmp(const void *key, const void *element) {
231 const char *name = (const char *) key;
232 unsigned nid = *((unsigned*) element);
233
234 return strcmp(name, kObjects[nid].sn);
235}
236
237int OBJ_sn2nid(const char *short_name) {
238 const unsigned int *nid_ptr;
239
240 CRYPTO_r_lock(CRYPTO_LOCK_OBJ);
241 if (global_added_by_short_name != NULL) {
242 ASN1_OBJECT *match, template;
243
244 template.sn = short_name;
245 match = lh_ASN1_OBJECT_retrieve(global_added_by_short_name, &template);
246 if (match != NULL) {
247 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
248 return match->nid;
249 }
250 }
251 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
252
253 nid_ptr = bsearch(short_name, kNIDsInShortNameOrder, NUM_SN, sizeof(unsigned), short_name_cmp);
254 if (nid_ptr == NULL) {
255 return NID_undef;
256 }
257
258 return kObjects[*nid_ptr].nid;
259}
260
261/* long_name_cmp is called to search the kNIDsInLongNameOrder array. The
262 * |key| argument is name that we're looking for and |element| is a pointer to
263 * an unsigned int in the array. */
264static int long_name_cmp(const void *key, const void *element) {
265 const char *name = (const char *) key;
266 unsigned nid = *((unsigned*) element);
267
268 return strcmp(name, kObjects[nid].ln);
269}
270
271int OBJ_ln2nid(const char *long_name) {
272 const unsigned int *nid_ptr;
273
274 CRYPTO_r_lock(CRYPTO_LOCK_OBJ);
275 if (global_added_by_long_name != NULL) {
276 ASN1_OBJECT *match, template;
277
278 template.ln = long_name;
279 match = lh_ASN1_OBJECT_retrieve(global_added_by_long_name, &template);
280 if (match != NULL) {
281 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
282 return match->nid;
283 }
284 }
285 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
286
287 nid_ptr = bsearch(long_name, kNIDsInLongNameOrder, NUM_LN, sizeof(unsigned), long_name_cmp);
288 if (nid_ptr == NULL) {
289 return NID_undef;
290 }
291
292 return kObjects[*nid_ptr].nid;
293}
294
295int OBJ_txt2nid(const char *s) {
296 ASN1_OBJECT *obj;
297 int nid;
298
299 obj = OBJ_txt2obj(s, 0 /* search names */);
300 nid = OBJ_obj2nid(obj);
301 ASN1_OBJECT_free(obj);
302 return nid;
303}
304
Adam Langleyeeb9f492014-08-06 16:29:56 -0700[diff] [blame]305OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid) {
306 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
307 CBB oid;
308
309 if (obj == NULL ||
310 !CBB_add_asn1(out, &oid, CBS_ASN1_OBJECT) ||
311 !CBB_add_bytes(&oid, obj->data, obj->length) ||
312 !CBB_flush(out)) {
313 return 0;
314 }
315
316 return 1;
317}
318
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]319const ASN1_OBJECT *OBJ_nid2obj(int nid) {
320 if (nid >= 0 && nid < NUM_NID) {
321 if (nid != NID_undef && kObjects[nid].nid == NID_undef) {
322 goto err;
323 }
324 return &kObjects[nid];
325 }
326
327 CRYPTO_r_lock(CRYPTO_LOCK_OBJ);
328 if (global_added_by_nid != NULL) {
329 ASN1_OBJECT *match, template;
330
331 template.nid = nid;
332 match = lh_ASN1_OBJECT_retrieve(global_added_by_nid, &template);
333 if (match != NULL) {
334 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
335 return match;
336 }
337 }
338 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
339
340err:
341 OPENSSL_PUT_ERROR(OBJ, OBJ_nid2obj, OBJ_R_UNKNOWN_NID);
342 return NULL;
343}
344
345const char *OBJ_nid2sn(int nid) {
346 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
347 if (obj == NULL) {
348 return NULL;
349 }
350
351 return obj->sn;
352}
353
354const char *OBJ_nid2ln(int nid) {
355 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
356 if (obj == NULL) {
357 return NULL;
358 }
359
360 return obj->ln;
361}
362
363ASN1_OBJECT *OBJ_txt2obj(const char *s, int dont_search_names) {
364 int nid = NID_undef;
365 ASN1_OBJECT *op = NULL;
366 unsigned char *buf;
367 unsigned char *p;
368 const unsigned char *bufp;
369 int contents_len, total_len;
370
371 if (!dont_search_names) {
372 nid = OBJ_sn2nid(s);
373 if (nid == NID_undef) {
374 nid = OBJ_ln2nid(s);
375 }
376
377 if (nid != NID_undef) {
378 return (ASN1_OBJECT*) OBJ_nid2obj(nid);
379 }
380 }
381
382 /* Work out size of content octets */
383 contents_len = a2d_ASN1_OBJECT(NULL, 0, s, -1);
384 if (contents_len <= 0) {
385 return NULL;
386 }
387 /* Work out total size */
388 total_len = ASN1_object_size(0, contents_len, V_ASN1_OBJECT);
389
390 buf = OPENSSL_malloc(total_len);
391 if (buf == NULL) {
392 OPENSSL_PUT_ERROR(OBJ, OBJ_txt2obj, ERR_R_MALLOC_FAILURE);
393 return NULL;
394 }
395
396 p = buf;
397 /* Write out tag+length */
398 ASN1_put_object(&p, 0, contents_len, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
399 /* Write out contents */
400 a2d_ASN1_OBJECT(p, contents_len, s, -1);
401
402 bufp = buf;
403 op = d2i_ASN1_OBJECT(NULL, &bufp, total_len);
404 OPENSSL_free(buf);
405
406 return op;
407}
408
409int OBJ_obj2txt(char *out, int out_len, const ASN1_OBJECT *obj, int dont_return_name) {
410 int i, n = 0, len, nid, first, use_bn;
411 BIGNUM *bl;
412 unsigned long l;
413 const unsigned char *p;
414 char tbuf[DECIMAL_SIZE(i) + DECIMAL_SIZE(l) + 2];
415
416 if (out && out_len > 0) {
417 out[0] = 0;
418 }
419
420 if (obj == NULL || obj->data == NULL) {
421 return 0;
422 }
423
424 if (!dont_return_name && (nid = OBJ_obj2nid(obj)) != NID_undef) {
425 const char *s;
426 s = OBJ_nid2ln(nid);
427 if (s == NULL) {
428 s = OBJ_nid2sn(nid);
429 }
430 if (s) {
431 if (out) {
432 BUF_strlcpy(out, s, out_len);
433 }
434 return strlen(s);
435 }
436 }
437
438 len = obj->length;
439 p = obj->data;
440
441 first = 1;
442 bl = NULL;
443
444 while (len > 0) {
445 l = 0;
446 use_bn = 0;
447 for (;;) {
448 unsigned char c = *p++;
449 len--;
450 if (len == 0 && (c & 0x80)) {
451 goto err;
452 }
453 if (use_bn) {
454 if (!BN_add_word(bl, c & 0x7f)) {
455 goto err;
456 }
457 } else {
458 l |= c & 0x7f;
459 }
460 if (!(c & 0x80)) {
461 break;
462 }
463 if (!use_bn && (l > (ULONG_MAX >> 7L))) {
464 if (!bl && !(bl = BN_new())) {
465 goto err;
466 }
467 if (!BN_set_word(bl, l)) {
468 goto err;
469 }
470 use_bn = 1;
471 }
472 if (use_bn) {
473 if (!BN_lshift(bl, bl, 7)) {
474 goto err;
475 }
476 } else {
477 l <<= 7L;
478 }
479 }
480
481 if (first) {
482 first = 0;
483 if (l >= 80) {
484 i = 2;
485 if (use_bn) {
486 if (!BN_sub_word(bl, 80)) {
487 goto err;
488 }
489 } else {
490 l -= 80;
491 }
492 } else {
493 i = (int)(l / 40);
494 l -= (long)(i * 40);
495 }
496 if (out && out_len > 1) {
497 *out++ = i + '0';
498 *out = '0';
499 out_len--;
500 }
501 n++;
502 }
503
504 if (use_bn) {
505 char *bndec;
506 bndec = BN_bn2dec(bl);
507 if (!bndec) {
508 goto err;
509 }
510 i = strlen(bndec);
511 if (out) {
512 if (out_len > 1) {
513 *out++ = '.';
514 *out = 0;
515 out_len--;
516 }
517 BUF_strlcpy(out, bndec, out_len);
518 if (i > out_len) {
519 out += out_len;
520 out_len = 0;
521 } else {
522 out += i;
523 out_len -= i;
524 }
525 }
526 n++;
527 n += i;
528 OPENSSL_free(bndec);
529 } else {
530 BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
531 i = strlen(tbuf);
532 if (out && out_len > 0) {
533 BUF_strlcpy(out, tbuf, out_len);
534 if (i > out_len) {
535 out += out_len;
536 out_len = 0;
537 } else {
538 out += i;
539 out_len -= i;
540 }
541 }
542 n += i;
543 }
544 }
545
546 if (bl) {
547 BN_free(bl);
548 }
549 return n;
550
551err:
552 if (bl) {
553 BN_free(bl);
554 }
555 return -1;
556}
557
558static uint32_t hash_nid(const ASN1_OBJECT *obj) {
559 return obj->nid;
560}
561
562static int cmp_nid(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
563 return a->nid - b->nid;
564}
565
566static uint32_t hash_data(const ASN1_OBJECT *obj) {
567 return OPENSSL_hash32(obj->data, obj->length);
568}
569
570static int cmp_data(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
571 int i = a->length - b->length;
572 if (i) {
573 return i;
574 }
575 return memcmp(a->data, b->data, a->length);
576}
577
578static uint32_t hash_short_name(const ASN1_OBJECT *obj) {
579 return lh_strhash(obj->sn);
580}
581
582static int cmp_short_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
583 return strcmp(a->sn, b->sn);
584}
585
586static uint32_t hash_long_name(const ASN1_OBJECT *obj) {
587 return lh_strhash(obj->ln);
588}
589
590static int cmp_long_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
591 return strcmp(a->ln, b->ln);
592}
593
594/* obj_add_object inserts |obj| into the various global hashes for run-time
595 * added objects. It returns one on success or zero otherwise. */
596static int obj_add_object(ASN1_OBJECT *obj) {
597 int ok;
598 ASN1_OBJECT *old_object;
599
600 obj->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
601 ASN1_OBJECT_FLAG_DYNAMIC_DATA);
602
603 CRYPTO_w_lock(CRYPTO_LOCK_OBJ);
604 if (global_added_by_nid == NULL) {
605 global_added_by_nid = lh_ASN1_OBJECT_new(hash_nid, cmp_nid);
606 global_added_by_data = lh_ASN1_OBJECT_new(hash_data, cmp_data);
607 global_added_by_short_name = lh_ASN1_OBJECT_new(hash_short_name, cmp_short_name);
608 global_added_by_long_name = lh_ASN1_OBJECT_new(hash_long_name, cmp_long_name);
609 }
610
611 /* We don't pay attention to |old_object| (which contains any previous object
612 * that was evicted from the hashes) because we don't have a reference count
613 * on ASN1_OBJECT values. Also, we should never have duplicates nids and so
614 * should always have objects in |global_added_by_nid|. */
615
616 ok = lh_ASN1_OBJECT_insert(global_added_by_nid, &old_object, obj);
617 if (obj->length != 0 && obj->data != NULL) {
618 ok &= lh_ASN1_OBJECT_insert(global_added_by_data, &old_object, obj);
619 }
620 if (obj->sn != NULL) {
621 ok &= lh_ASN1_OBJECT_insert(global_added_by_short_name, &old_object, obj);
622 }
623 if (obj->ln != NULL) {
624 ok &= lh_ASN1_OBJECT_insert(global_added_by_long_name, &old_object, obj);
625 }
626 CRYPTO_w_unlock(CRYPTO_LOCK_OBJ);
627
628 return ok;
629}
630
631int OBJ_create(const char *oid, const char *short_name, const char *long_name) {
632 int ret = NID_undef;
633 ASN1_OBJECT *op = NULL;
634 unsigned char *buf = NULL;
635 int len;
636
637 len = a2d_ASN1_OBJECT(NULL, 0, oid, -1);
638 if (len <= 0) {
639 goto err;
640 }
641
642 buf = OPENSSL_malloc(len);
643 if (buf == NULL) {
644 OPENSSL_PUT_ERROR(OBJ, OBJ_create, ERR_R_MALLOC_FAILURE);
645 goto err;
646 }
647
648 len = a2d_ASN1_OBJECT(buf, len, oid, -1);
649 if (len == 0) {
650 goto err;
651 }
652
653 op = (ASN1_OBJECT *)ASN1_OBJECT_create(obj_next_nid(), buf, len, short_name,
654 long_name);
655 if (op == NULL) {
656 goto err;
657 }
658
659 if (obj_add_object(op)) {
660 ret = op->nid;
661 }
662 op = NULL;
663
664err:
665 if (op != NULL) {
666 ASN1_OBJECT_free(op);
667 }
668 if (buf != NULL) {
669 OPENSSL_free(buf);
670 }
671
672 return ret;
673}