1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
57 #include <openssl/obj.h>
61 #include <openssl/asn1.h>
62 #include <openssl/buf.h>
63 #include <openssl/bytestring.h>
64 #include <openssl/err.h>
65 #include <openssl/lhash.h>
66 #include <openssl/mem.h>
67 #include <openssl/thread.h>
71 /* These globals are protected by CRYPTO_LOCK_OBJ. */
72 static LHASH_OF(ASN1_OBJECT) *global_added_by_data = NULL;
73 static LHASH_OF(ASN1_OBJECT) *global_added_by_nid = NULL;
74 static LHASH_OF(ASN1_OBJECT) *global_added_by_short_name = NULL;
75 static LHASH_OF(ASN1_OBJECT) *global_added_by_long_name = NULL;
77 static unsigned global_next_nid = NUM_NID;
79 static int obj_next_nid(void) {
82 CRYPTO_w_lock(CRYPTO_LOCK_OBJ);
83 ret = global_next_nid++;
84 CRYPTO_w_unlock(CRYPTO_LOCK_OBJ);
89 ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) {
91 unsigned char *data = NULL;
92 char *sn = NULL, *ln = NULL;
98 if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
99 /* TODO(fork): this is a little dangerous. */
100 return (ASN1_OBJECT *)o;
103 r = ASN1_OBJECT_new();
105 OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_ASN1_LIB);
108 r->ln = r->sn = NULL;
110 data = OPENSSL_malloc(o->length);
114 if (o->data != NULL) {
115 memcpy(data, o->data, o->length);
118 /* once data is attached to an object, it remains const */
120 r->length = o->length;
124 ln = OPENSSL_strdup(o->ln);
131 sn = OPENSSL_strdup(o->sn);
141 o->flags | (ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
142 ASN1_OBJECT_FLAG_DYNAMIC_DATA);
146 OPENSSL_PUT_ERROR(OBJ, OBJ_dup, ERR_R_MALLOC_FAILURE);
160 int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
163 ret = a->length - b->length;
167 return memcmp(a->data, b->data, a->length);
170 /* nids_cmp is called to search the kNIDsInOIDOrder array. The |key| argument
171 * is an |ASN1_OBJECT|* that we're looking for and |element| is a pointer to an
172 * unsigned int in the array. */
173 static int obj_cmp(const void *key, const void *element) {
175 unsigned nid = *((unsigned*) element);
176 const ASN1_OBJECT *a = key;
177 const ASN1_OBJECT *b = &kObjects[nid];
179 j = a->length - b->length;
183 return memcmp(a->data, b->data, a->length);
186 int OBJ_obj2nid(const ASN1_OBJECT *obj) {
187 const unsigned int *nid_ptr;
197 CRYPTO_r_lock(CRYPTO_LOCK_OBJ);
198 if (global_added_by_data != NULL) {
201 match = lh_ASN1_OBJECT_retrieve(global_added_by_data, obj);
203 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
207 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
209 nid_ptr = bsearch(obj, kNIDsInOIDOrder, NUM_OBJ, sizeof(unsigned), obj_cmp);
210 if (nid_ptr == NULL) {
214 return kObjects[*nid_ptr].nid;
217 int OBJ_cbs2nid(const CBS *cbs) {
219 memset(&obj, 0, sizeof(obj));
220 obj.data = CBS_data(cbs);
221 obj.length = CBS_len(cbs);
223 return OBJ_obj2nid(&obj);
226 /* short_name_cmp is called to search the kNIDsInShortNameOrder array. The
227 * |key| argument is name that we're looking for and |element| is a pointer to
228 * an unsigned int in the array. */
229 static int short_name_cmp(const void *key, const void *element) {
230 const char *name = (const char *) key;
231 unsigned nid = *((unsigned*) element);
233 return strcmp(name, kObjects[nid].sn);
236 int OBJ_sn2nid(const char *short_name) {
237 const unsigned int *nid_ptr;
239 CRYPTO_r_lock(CRYPTO_LOCK_OBJ);
240 if (global_added_by_short_name != NULL) {
241 ASN1_OBJECT *match, template;
243 template.sn = short_name;
244 match = lh_ASN1_OBJECT_retrieve(global_added_by_short_name, &template);
246 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
250 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
252 nid_ptr = bsearch(short_name, kNIDsInShortNameOrder, NUM_SN, sizeof(unsigned), short_name_cmp);
253 if (nid_ptr == NULL) {
257 return kObjects[*nid_ptr].nid;
260 /* long_name_cmp is called to search the kNIDsInLongNameOrder array. The
261 * |key| argument is name that we're looking for and |element| is a pointer to
262 * an unsigned int in the array. */
263 static int long_name_cmp(const void *key, const void *element) {
264 const char *name = (const char *) key;
265 unsigned nid = *((unsigned*) element);
267 return strcmp(name, kObjects[nid].ln);
270 int OBJ_ln2nid(const char *long_name) {
271 const unsigned int *nid_ptr;
273 CRYPTO_r_lock(CRYPTO_LOCK_OBJ);
274 if (global_added_by_long_name != NULL) {
275 ASN1_OBJECT *match, template;
277 template.ln = long_name;
278 match = lh_ASN1_OBJECT_retrieve(global_added_by_long_name, &template);
280 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
284 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
286 nid_ptr = bsearch(long_name, kNIDsInLongNameOrder, NUM_LN, sizeof(unsigned), long_name_cmp);
287 if (nid_ptr == NULL) {
291 return kObjects[*nid_ptr].nid;
294 int OBJ_txt2nid(const char *s) {
298 obj = OBJ_txt2obj(s, 0 /* search names */);
299 nid = OBJ_obj2nid(obj);
300 ASN1_OBJECT_free(obj);
304 OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid) {
305 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
309 !CBB_add_asn1(out, &oid, CBS_ASN1_OBJECT) ||
310 !CBB_add_bytes(&oid, obj->data, obj->length) ||
318 const ASN1_OBJECT *OBJ_nid2obj(int nid) {
319 if (nid >= 0 && nid < NUM_NID) {
320 if (nid != NID_undef && kObjects[nid].nid == NID_undef) {
323 return &kObjects[nid];
326 CRYPTO_r_lock(CRYPTO_LOCK_OBJ);
327 if (global_added_by_nid != NULL) {
328 ASN1_OBJECT *match, template;
331 match = lh_ASN1_OBJECT_retrieve(global_added_by_nid, &template);
333 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
337 CRYPTO_r_unlock(CRYPTO_LOCK_OBJ);
340 OPENSSL_PUT_ERROR(OBJ, OBJ_nid2obj, OBJ_R_UNKNOWN_NID);
344 const char *OBJ_nid2sn(int nid) {
345 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
353 const char *OBJ_nid2ln(int nid) {
354 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
362 ASN1_OBJECT *OBJ_txt2obj(const char *s, int dont_search_names) {
364 ASN1_OBJECT *op = NULL;
367 const unsigned char *bufp;
368 int contents_len, total_len;
370 if (!dont_search_names) {
372 if (nid == NID_undef) {
376 if (nid != NID_undef) {
377 return (ASN1_OBJECT*) OBJ_nid2obj(nid);
381 /* Work out size of content octets */
382 contents_len = a2d_ASN1_OBJECT(NULL, 0, s, -1);
383 if (contents_len <= 0) {
386 /* Work out total size */
387 total_len = ASN1_object_size(0, contents_len, V_ASN1_OBJECT);
389 buf = OPENSSL_malloc(total_len);
391 OPENSSL_PUT_ERROR(OBJ, OBJ_txt2obj, ERR_R_MALLOC_FAILURE);
396 /* Write out tag+length */
397 ASN1_put_object(&p, 0, contents_len, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
398 /* Write out contents */
399 a2d_ASN1_OBJECT(p, contents_len, s, -1);
402 op = d2i_ASN1_OBJECT(NULL, &bufp, total_len);
408 int OBJ_obj2txt(char *out, int out_len, const ASN1_OBJECT *obj, int dont_return_name) {
409 int i, n = 0, len, nid, first, use_bn;
412 const unsigned char *p;
413 char tbuf[DECIMAL_SIZE(i) + DECIMAL_SIZE(l) + 2];
415 if (out && out_len > 0) {
419 if (obj == NULL || obj->data == NULL) {
423 if (!dont_return_name && (nid = OBJ_obj2nid(obj)) != NID_undef) {
431 BUF_strlcpy(out, s, out_len);
447 unsigned char c = *p++;
449 if (len == 0 && (c & 0x80)) {
453 if (!BN_add_word(bl, c & 0x7f)) {
462 if (!use_bn && (l > (ULONG_MAX >> 7L))) {
463 if (!bl && !(bl = BN_new())) {
466 if (!BN_set_word(bl, l)) {
472 if (!BN_lshift(bl, bl, 7)) {
485 if (!BN_sub_word(bl, 80)) {
495 if (out && out_len > 1) {
505 bndec = BN_bn2dec(bl);
516 BUF_strlcpy(out, bndec, out_len);
529 BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
531 if (out && out_len > 0) {
532 BUF_strlcpy(out, tbuf, out_len);
557 static uint32_t hash_nid(const ASN1_OBJECT *obj) {
561 static int cmp_nid(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
562 return a->nid - b->nid;
565 static uint32_t hash_data(const ASN1_OBJECT *obj) {
566 return OPENSSL_hash32(obj->data, obj->length);
569 static int cmp_data(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
570 int i = a->length - b->length;
574 return memcmp(a->data, b->data, a->length);
577 static uint32_t hash_short_name(const ASN1_OBJECT *obj) {
578 return lh_strhash(obj->sn);
581 static int cmp_short_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
582 return strcmp(a->sn, b->sn);
585 static uint32_t hash_long_name(const ASN1_OBJECT *obj) {
586 return lh_strhash(obj->ln);
589 static int cmp_long_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
590 return strcmp(a->ln, b->ln);
593 /* obj_add_object inserts |obj| into the various global hashes for run-time
594 * added objects. It returns one on success or zero otherwise. */
595 static int obj_add_object(ASN1_OBJECT *obj) {
597 ASN1_OBJECT *old_object;
599 obj->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
600 ASN1_OBJECT_FLAG_DYNAMIC_DATA);
602 CRYPTO_w_lock(CRYPTO_LOCK_OBJ);
603 if (global_added_by_nid == NULL) {
604 global_added_by_nid = lh_ASN1_OBJECT_new(hash_nid, cmp_nid);
605 global_added_by_data = lh_ASN1_OBJECT_new(hash_data, cmp_data);
606 global_added_by_short_name = lh_ASN1_OBJECT_new(hash_short_name, cmp_short_name);
607 global_added_by_long_name = lh_ASN1_OBJECT_new(hash_long_name, cmp_long_name);
610 /* We don't pay attention to |old_object| (which contains any previous object
611 * that was evicted from the hashes) because we don't have a reference count
612 * on ASN1_OBJECT values. Also, we should never have duplicates nids and so
613 * should always have objects in |global_added_by_nid|. */
615 ok = lh_ASN1_OBJECT_insert(global_added_by_nid, &old_object, obj);
616 if (obj->length != 0 && obj->data != NULL) {
617 ok &= lh_ASN1_OBJECT_insert(global_added_by_data, &old_object, obj);
619 if (obj->sn != NULL) {
620 ok &= lh_ASN1_OBJECT_insert(global_added_by_short_name, &old_object, obj);
622 if (obj->ln != NULL) {
623 ok &= lh_ASN1_OBJECT_insert(global_added_by_long_name, &old_object, obj);
625 CRYPTO_w_unlock(CRYPTO_LOCK_OBJ);
630 int OBJ_create(const char *oid, const char *short_name, const char *long_name) {
632 ASN1_OBJECT *op = NULL;
633 unsigned char *buf = NULL;
636 len = a2d_ASN1_OBJECT(NULL, 0, oid, -1);
641 buf = OPENSSL_malloc(len);
643 OPENSSL_PUT_ERROR(OBJ, OBJ_create, ERR_R_MALLOC_FAILURE);
647 len = a2d_ASN1_OBJECT(buf, len, oid, -1);
652 op = (ASN1_OBJECT *)ASN1_OBJECT_create(obj_next_nid(), buf, len, short_name,
658 if (obj_add_object(op)) {
665 ASN1_OBJECT_free(op);