1 /* $OpenBSD: obj_dat.c,v 1.64 2023/12/13 23:31:25 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. 
All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 
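*/

#include <ctype.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <openssl/opensslconf.h>

#include <openssl/asn1.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/lhash.h>
#include <openssl/objects.h>

#include "asn1_local.h"

/* obj_dat.h is generated from objects.h by obj_dat.pl */
#include "obj_dat.h"

static int ln_cmp_BSEARCH_CMP_FN(const void *, const void *);
static int ln_cmp(const ASN1_OBJECT * const *, unsigned int const *);
static unsigned int *OBJ_bsearch_ln(const ASN1_OBJECT * *key, unsigned int const *base, int num);

/*
 * Index kinds for entries in the "added" table.  One registered object can
 * be reachable through up to four entries, one per kind.
 */
#define ADDED_DATA	0
#define ADDED_SNAME	1
#define ADDED_LNAME	2
#define ADDED_NID	3

typedef struct added_obj_st {
	int type;		/* one of the ADDED_* kinds above */
	ASN1_OBJECT *obj;	/* shared by all entries for the same object */
} ADDED_OBJ;
DECLARE_LHASH_OF(ADDED_OBJ);

/* Next NID handed out by OBJ_new_nid(); built-in NIDs are below NUM_NID. */
static int new_nid = NUM_NID;
/*
 * Run-time registered objects.  Created lazily by OBJ_add_object() and
 * released by OBJ_cleanup().  No locking around it is visible in this file.
 */
static LHASH_OF(ADDED_OBJ) *added = NULL;

/* Compare the long name of *a with the long name of built-in object *b. */
static int ln_cmp(const ASN1_OBJECT * const *a, const unsigned int *b)
{
	return (strcmp((*a)->ln, nid_objs[*b].ln));
}

/* void-pointer adapter so ln_cmp() can be passed to OBJ_bsearch_(). */
static int
ln_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
{
	const ASN1_OBJECT * const *a = a_;
	unsigned int const *b = b_;
	return ln_cmp(a, b);
}

/* Binary search of an index array of NIDs ordered by long name. */
static unsigned int *
OBJ_bsearch_ln(const ASN1_OBJECT * *key, unsigned int const *base, int num)
{
	return (unsigned int *)OBJ_bsearch_(key, base, num, sizeof(unsigned int),
	    ln_cmp_BSEARCH_CMP_FN);
}

/*
 * Hash an entry of the "added" table according to its kind: the encoded
 * bytes for ADDED_DATA, the short/long name for ADDED_SNAME/ADDED_LNAME and
 * the NID for ADDED_NID.  The low 30 bits carry the hash and the kind is
 * placed above them.  Unknown kinds hash to 0.
 *
 * For ADDED_DATA the length and bytes come from the object being looked up,
 * which OBJ_obj2nid() takes straight from its caller.  All shifts are
 * therefore done in unsigned long: shifting the int length by 20 or the int
 * kind by 30 would overflow a signed int (undefined behaviour) for lengths
 * of 2048 or more and for kinds 2 and 3.
 */
static unsigned long
added_obj_hash(const ADDED_OBJ *ca)
{
	const ASN1_OBJECT *a;
	int i;
	unsigned long ret = 0;
	unsigned char *p;

	a = ca->obj;
	switch (ca->type) {
	case ADDED_DATA:
		ret = (unsigned long)a->length << 20L;
		p = (unsigned char *)a->data;
		for (i = 0; i < a->length; i++)
			ret ^= (unsigned long)p[i] << ((i * 3) % 24);
		break;
	case ADDED_SNAME:
		ret = lh_strhash(a->sn);
		break;
	case ADDED_LNAME:
		ret = lh_strhash(a->ln);
		break;
	case ADDED_NID:
		ret = a->nid;
		break;
	default:
		return 0;
	}
	ret &= 0x3fffffffL;
	ret |= (unsigned long)ca->type << 30L;
	return (ret);
}
static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ)

/*
 * Order two entries of the "added" table: first by kind, then by the field
 * that kind indexes.  A NULL name sorts before a non-NULL one.  Unknown
 * kinds compare equal.
 */
static int
added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
{
	const ASN1_OBJECT *a, *b;
	int cmp;

	if ((cmp = ca->type - cb->type) != 0)
		return cmp;

	a = ca->obj;
	b = cb->obj;
	switch (ca->type) {
	case ADDED_DATA:
		return OBJ_cmp(a, b);
	case ADDED_SNAME:
		if (a->sn == NULL)
			return -1;
		if (b->sn == NULL)
			return 1;
		return strcmp(a->sn, b->sn);
	case ADDED_LNAME:
		if (a->ln == NULL)
			return -1;
		if (b->ln == NULL)
			return 1;
		return strcmp(a->ln, b->ln);
	case ADDED_NID:
		return a->nid - b->nid;
	default:
		return 0;
	}
}
static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ)

/*
 * Cleanup runs in three passes over the table because several entries share
 * one ASN1_OBJECT.  The nid field is reused as a reference counter so that
 * each object is freed exactly once.
 */

/* Pass 1: reset the counter and mark the object and its parts as freeable. */
static void
cleanup1_doall(ADDED_OBJ *a)
{
	a->obj->nid = 0;
	a->obj->flags |= ASN1_OBJECT_FLAG_DYNAMIC |
	    ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
	    ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}

/* Pass 2: count how many entries refer to the object. */
static void cleanup2_doall(ADDED_OBJ *a)
{
	a->obj->nid++;
}

/* Pass 3: drop one reference, free the object on the last one, free the entry. */
static void
cleanup3_doall(ADDED_OBJ *a)
{
	if (--a->obj->nid == 0)
		ASN1_OBJECT_free(a->obj);
	free(a);
}

static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ)
static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)

/* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting
 * to use freed up OIDs. If necessary the actual freeing up of OIDs is
 * delayed.
 */

int obj_cleanup_defer = 0;

/* Request deferral of OBJ_cleanup() once a NID outside the built-in range is seen. */
void
check_defer(int nid)
{
	if (!obj_cleanup_defer && nid >= NUM_NID)
		obj_cleanup_defer = 1;
}

/*
 * Free every run-time registered object and the table itself.  When
 * deferral has been requested, only record that cleanup is pending
 * (obj_cleanup_defer = 2) and leave the table untouched.
 */
void
OBJ_cleanup(void)
{
	if (obj_cleanup_defer) {
		obj_cleanup_defer = 2;
		return;
	}
	if (added == NULL)
		return;
	lh_ADDED_OBJ_down_load(added) = 0;
	lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */
	lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */
	lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */
	lh_ADDED_OBJ_free(added);
	added = NULL;
}
LCRYPTO_ALIAS(OBJ_cleanup);

/*
 * Reserve num consecutive NIDs and return the first one.
 * NOTE(review): num is not range-checked; a negative or very large value
 * would move the counter backwards or overflow it.
 */
int
OBJ_new_nid(int num)
{
	int i;

	i = new_nid;
	new_nid += num;
	return (i);
}
LCRYPTO_ALIAS(OBJ_new_nid);

/*
 * Register a copy of obj in the "added" table under every key it provides
 * (NID always; encoded data, short name and long name when present).
 * Returns the object's NID, or NID_undef if obj is NULL, has no NID, or an
 * allocation fails.  The caller keeps ownership of obj.
 */
int
OBJ_add_object(const ASN1_OBJECT *obj)
{
	ASN1_OBJECT *o = NULL;
	ADDED_OBJ *ao[4] = {NULL, NULL, NULL, NULL}, *aop;
	int i;

	if (added == NULL)
		added = lh_ADDED_OBJ_new();
	if (added == NULL)
		goto err;
	if (obj == NULL || obj->nid == NID_undef)
		goto err;
	if ((o = OBJ_dup(obj)) == NULL)
		goto err;
	/* Allocate all entries up front so a failure leaves the table unchanged. */
	if (!(ao[ADDED_NID] = malloc(sizeof(ADDED_OBJ))))
		goto err2;
	if ((o->length != 0) && (obj->data != NULL))
		if (!(ao[ADDED_DATA] = malloc(sizeof(ADDED_OBJ))))
			goto err2;
	if (o->sn != NULL)
		if (!(ao[ADDED_SNAME] = malloc(sizeof(ADDED_OBJ))))
			goto err2;
	if (o->ln != NULL)
		if (!(ao[ADDED_LNAME] = malloc(sizeof(ADDED_OBJ))))
			goto err2;

	for (i = ADDED_DATA; i <= ADDED_NID; i++) {
		if (ao[i] != NULL) {
			ao[i]->type = i;
			ao[i]->obj = o;
			/*
			 * An existing entry with the same key is replaced: a
			 * later registration shadows an earlier one.  Only the
			 * old entry is freed, not the object it referenced.
			 * NOTE(review): a NULL return is treated as "nothing
			 * replaced"; an insert failure is not detected here.
			 */
			aop = lh_ADDED_OBJ_insert(added, ao[i]);
			/* memory leak, but should not normally matter */
			free(aop);
		}
	}
	/* The table owns the copy now; only OBJ_cleanup() may free it. */
	o->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC |
	    ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
	    ASN1_OBJECT_FLAG_DYNAMIC_DATA);

	return (o->nid);

 err2:
	OBJerror(ERR_R_MALLOC_FAILURE);
 err:
	for (i = ADDED_DATA; i <= ADDED_NID; i++)
		free(ao[i]);
	ASN1_OBJECT_free(o);
	return (NID_undef);
}
LCRYPTO_ALIAS(OBJ_add_object);

/*
 * Return the object registered for NID n: the built-in table entry for
 * 0 <= n < NUM_NID, otherwise the run-time registered object.  Returns NULL
 * for an unknown NID; the returned object is owned by the library.
 */
ASN1_OBJECT *
OBJ_nid2obj(int n)
{
	ADDED_OBJ ad, *adp;
	ASN1_OBJECT ob;

	if ((n >= 0) && (n < NUM_NID)) {
		/* A built-in slot whose nid is NID_undef is a hole in the table. */
		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
			OBJerror(OBJ_R_UNKNOWN_NID);
			return (NULL);
		}
		return ((ASN1_OBJECT *)&(nid_objs[n]));
	} else if (added == NULL)
		return (NULL);
	else {
		/* Only ob.nid is read by the ADDED_NID hash and compare. */
		ad.type = ADDED_NID;
		ad.obj = &ob;
		ob.nid = n;
		adp = lh_ADDED_OBJ_retrieve(added, &ad);
		if (adp != NULL)
			return (adp->obj);
		else {
			OBJerror(OBJ_R_UNKNOWN_NID);
			return (NULL);
		}
	}
}
LCRYPTO_ALIAS(OBJ_nid2obj);

/*
 * Return the short name for NID n, or NULL for an unknown NID.  The string
 * is owned by the library.
 */
const char *
OBJ_nid2sn(int n)
{
	ADDED_OBJ ad, *adp;
	ASN1_OBJECT ob;

	if ((n >= 0) && (n < NUM_NID)) {
		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
			OBJerror(OBJ_R_UNKNOWN_NID);
			return (NULL);
		}
		return (nid_objs[n].sn);
	} else if (added == NULL)
		return (NULL);
	else {
		ad.type = ADDED_NID;
		ad.obj = &ob;
		ob.nid = n;
		adp = lh_ADDED_OBJ_retrieve(added, &ad);
		if (adp != NULL)
			return (adp->obj->sn);
		else {
			OBJerror(OBJ_R_UNKNOWN_NID);
			return (NULL);
		}
	}
}
LCRYPTO_ALIAS(OBJ_nid2sn);

/*
 * Return the long name for NID n, or NULL for an unknown NID.  The string
 * is owned by the library.
 */
const char *
OBJ_nid2ln(int n)
{
	ADDED_OBJ ad, *adp;
	ASN1_OBJECT ob;

	if ((n >= 0) && (n < NUM_NID)) {
		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
			OBJerror(OBJ_R_UNKNOWN_NID);
			return (NULL);
		}
		return (nid_objs[n].ln);
	} else if (added == NULL)
		return (NULL);
	else {
		ad.type = ADDED_NID;
		ad.obj = &ob;
		ob.nid = n;
		adp = lh_ADDED_OBJ_retrieve(added, &ad);
		if (adp != NULL)
			return (adp->obj->ln);
		else {
			OBJerror(OBJ_R_UNKNOWN_NID);
			return (NULL);
		}
	}
}
LCRYPTO_ALIAS(OBJ_nid2ln);
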
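/* bsearch() comparator: key is an ASN1_OBJECT, element is an index into nid_objs. */
static int
obj_objs_cmp(const void *aobj, const void *b)
{
	const unsigned int *nid = b;

	return OBJ_cmp(aobj, &nid_objs[*nid]);
}

/*
 * Map an object to its NID.  An object that already carries a NID is
 * trusted and that NID is returned as-is; otherwise the encoded bytes are
 * looked up, first among run-time registered objects and then in the
 * built-in table.  Returns NID_undef for NULL, empty or unknown objects.
 */
int
OBJ_obj2nid(const ASN1_OBJECT *aobj)
{
	const unsigned int *nid;

	if (aobj == NULL || aobj->length == 0)
		return NID_undef;

	if (aobj->nid != NID_undef)
		return aobj->nid;

	/* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */
	if (added != NULL) {
		ADDED_OBJ needle = {
			.type = ADDED_DATA,
			.obj = (ASN1_OBJECT *)aobj,
		};
		ADDED_OBJ *found;

		if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL)
			return found->obj->nid;
	}

	/* obj_objs holds built-in obj NIDs in ascending OBJ_cmp() order. */
	nid = bsearch(aobj, obj_objs, NUM_OBJ, sizeof(unsigned int), obj_objs_cmp);
	if (nid != NULL)
		return *nid;

	return NID_undef;
}
LCRYPTO_ALIAS(OBJ_obj2nid);

/* Convert an object name into an ASN1_OBJECT
 * if "noname" is not set then search for short and long names first.
 * This will convert the "dotted" form into an object: unlike OBJ_txt2nid
 * it can be used with any objects, not just registered ones.
 */

ASN1_OBJECT *
OBJ_txt2obj(const char *s, int no_name)
{
	int nid;

	if (!no_name) {
		if ((nid = OBJ_sn2nid(s)) != NID_undef ||
		    (nid = OBJ_ln2nid(s)) != NID_undef)
			return OBJ_nid2obj(nid);
	}

	return t2i_ASN1_OBJECT_internal(s);
}
LCRYPTO_ALIAS(OBJ_txt2obj);

/*
 * Write a text form of aobj into buf (at most buf_len bytes); the work and
 * the return value are those of i2t_ASN1_OBJECT_internal().
 */
int
OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *aobj, int no_name)
{
	return i2t_ASN1_OBJECT_internal(aobj, buf, buf_len, no_name);
}
LCRYPTO_ALIAS(OBJ_obj2txt);

/*
 * Map a short name, long name or dotted OID string to a NID.  A failed
 * conversion yields a NULL object, which OBJ_obj2nid() maps to NID_undef.
 */
int
OBJ_txt2nid(const char *s)
{
	ASN1_OBJECT *obj;
	int nid;

	obj = OBJ_txt2obj(s, 0);
	nid = OBJ_obj2nid(obj);
	ASN1_OBJECT_free(obj);
	return nid;
}
LCRYPTO_ALIAS(OBJ_txt2nid);

/*
 * Map a long name to a NID, consulting run-time registered objects before
 * the built-in table.  Returns NID_undef when the name is NULL or unknown.
 */
int
OBJ_ln2nid(const char *s)
{
	/* Only the ln field is read by the ADDED_LNAME hash/compare and ln_cmp(). */
	ASN1_OBJECT o = {
		.ln = s,
	};
	const ASN1_OBJECT *oo = &o;
	ADDED_OBJ ad, *adp;
	const unsigned int *op;

	/* A NULL name can match nothing and would otherwise reach strcmp(). */
	if (s == NULL)
		return (NID_undef);

	if (added != NULL) {
		ad.type = ADDED_LNAME;
		ad.obj = &o;
		adp = lh_ADDED_OBJ_retrieve(added, &ad);
		if (adp != NULL)
			return (adp->obj->nid);
	}
	op = OBJ_bsearch_ln(&oo, ln_objs, NUM_LN);
	if (op == NULL)
		return (NID_undef);
	return (nid_objs[*op].nid);
}
LCRYPTO_ALIAS(OBJ_ln2nid);

/* bsearch() comparator: key is a short name, element is an index into nid_objs. */
static int
sn_objs_cmp(const void *a, const void *b)
{
	const unsigned int *nid = b;

	return strcmp(a, nid_objs[*nid].sn);
}

/*
 * Map a short name to a NID, consulting run-time registered objects before
 * the built-in table.  Returns NID_undef when the name is NULL or unknown.
 */
int
OBJ_sn2nid(const char *sn)
{
	const unsigned int *nid;

	/* A NULL name can match nothing and would otherwise reach strcmp(). */
	if (sn == NULL)
		return NID_undef;

	/* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */
	if (added != NULL) {
		ASN1_OBJECT aobj = {
			.sn = sn,
		};
		ADDED_OBJ needle = {
			.type = ADDED_SNAME,
			.obj = &aobj,
		};
		ADDED_OBJ *found;

		if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL)
			return found->obj->nid;
	}

	/* sn_objs holds NIDs in ascending alphabetical order of SN. */
	nid = bsearch(sn, sn_objs, NUM_SN, sizeof(unsigned int), sn_objs_cmp);
	if (nid != NULL)
		return *nid;

	return NID_undef;
}
LCRYPTO_ALIAS(OBJ_sn2nid);

/* Plain binary search: OBJ_bsearch_ex_() with no flags. */
const void *
OBJ_bsearch_(const void *key, const void *base, int num, int size,
    int (*cmp)(const void *, const void *))
{
	return OBJ_bsearch_ex_(key, base, num, size, cmp, 0);
}
LCRYPTO_ALIAS(OBJ_bsearch_);

/*
 * Binary search over num elements of size bytes each, starting at base_ and
 * sorted according to cmp(key, element).
 *
 * Without flags, returns the matching element or NULL.  With
 * OBJ_BSEARCH_VALUE_ON_NOMATCH, the last element probed is returned when
 * nothing matches.  With OBJ_BSEARCH_FIRST_VALUE_ON_MATCH, the first of a
 * run of equal elements is returned.
 *
 * A non-positive num or size yields NULL.  Previously a negative num fell
 * through with c == 0 and, under OBJ_BSEARCH_FIRST_VALUE_ON_MATCH, returned
 * base_ as if it were a match.  The midpoint and the byte offset are
 * computed so that they cannot overflow an int on large arrays.
 */
const void *
OBJ_bsearch_ex_(const void *key, const void *base_, int num, int size,
    int (*cmp)(const void *, const void *), int flags)
{
	const char *base = base_;
	int l, h, i = 0, c = 0;
	const char *p = NULL;
	size_t sz;

	if (num <= 0 || size <= 0)
		return (NULL);
	sz = (size_t)size;
	l = 0;
	h = num;
	while (l < h) {
		i = l + (h - l) / 2;
		p = &(base[(size_t)i * sz]);
		c = (*cmp)(key, p);
		if (c < 0)
			h = i;
		else if (c > 0)
			l = i + 1;
		else
			break;
	}
	if (c != 0 && !(flags & OBJ_BSEARCH_VALUE_ON_NOMATCH))
		p = NULL;
	else if (c == 0 && (flags & OBJ_BSEARCH_FIRST_VALUE_ON_MATCH)) {
		while (i > 0 && (*cmp)(key, &(base[(size_t)(i - 1) * sz])) == 0)
			i--;
		p = &(base[(size_t)i * sz]);
	}
	return (p);
}

/*
 * Read object definitions from a BIO, one per line in the form
 * "dotted.oid [short-name [long name]]", and register each with
 * OBJ_create().  Reading stops at end of input, at the first line that does
 * not start with an alphanumeric character, or at the first line that fails
 * to register.  Returns the number of objects created.
 *
 * The input is parsed in place inside a fixed 512-byte buffer; a longer
 * line is split by BIO_gets() and its remainder is read as the next line.
 */
int
OBJ_create_objects(BIO *in)
{
	char buf[512];
	int i, num = 0;
	char *o, *s, *l;

	for (;;) {
		/*
		 * Reset all three fields for every line.  The long name used
		 * to keep the pointer from the previous line when the current
		 * line had an OID only, so a stale string was registered.
		 */
		s = o = l = NULL;
		i = BIO_gets(in, buf, sizeof(buf));
		if (i <= 0)
			return (num);
		/*
		 * Strip the line terminator only when there is one, so that a
		 * final line without a newline (or an over-long line) does not
		 * lose its last character.
		 */
		if (buf[i - 1] == '\n')
			buf[i - 1] = '\0';
		if (!isalnum((unsigned char)buf[0]))
			return (num);
		o = s = buf;
		/* The OID is the leading run of digits and dots. */
		while (isdigit((unsigned char)*s) || (*s == '.'))
			s++;
		if (*s != '\0') {
			*(s++) = '\0';
			while (isspace((unsigned char)*s))
				s++;
			if (*s == '\0')
				s = NULL;
			else {
				/* Short name: up to the next whitespace. */
				l = s;
				while ((*l != '\0') &&
				    !isspace((unsigned char)*l))
					l++;
				if (*l != '\0') {
					/* Long name: the rest of the line. */
					*(l++) = '\0';
					while (isspace((unsigned char)*l))
						l++;
					if (*l == '\0')
						l = NULL;
				} else
					l = NULL;
			}
		} else
			s = NULL;
		if ((o == NULL) || (*o == '\0'))
			return (num);
		if (!OBJ_create(o, s, l))
			return (num);
		num++;
	}
	/* return(num); */
}
LCRYPTO_ALIAS(OBJ_create_objects);

/*
 * Create and register a new object from a dotted OID string and optional
 * short and long names.  Returns the NID reported by OBJ_add_object(), or 0
 * on failure.  A NID is reserved with OBJ_new_nid() before registration is
 * attempted and is not handed back if registration fails.
 */
int
OBJ_create(const char *oid, const char *sn, const char *ln)
{
	int ok = 0;
	ASN1_OBJECT *op = NULL;
	unsigned char *buf;
	int i;

	/* First call only sizes the encoding, second call writes it. */
	i = a2d_ASN1_OBJECT(NULL, 0, oid, -1);
	if (i <= 0)
		return (0);

	if ((buf = malloc(i)) == NULL) {
		OBJerror(ERR_R_MALLOC_FAILURE);
		return (0);
	}
	i = a2d_ASN1_OBJECT(buf, i, oid, -1);
	if (i == 0)
		goto err;
	op = (ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1), buf, i, sn, ln);
	if (op == NULL)
		goto err;
	ok = OBJ_add_object(op);

 err:
	/* OBJ_add_object() registered its own copy; release the temporaries. */
	ASN1_OBJECT_free(op);
	free(buf);
	return (ok);
}
LCRYPTO_ALIAS(OBJ_create);

/* Return the length of obj's encoded data; 0 for NULL or a negative length. */
size_t
OBJ_length(const ASN1_OBJECT *obj)
{
	if (obj == NULL)
		return 0;

	if (obj->length < 0)
		return 0;

	return obj->length;
}
LCRYPTO_ALIAS(OBJ_length);

/* Return obj's encoded data without transferring ownership; NULL for NULL. */
const unsigned char *
OBJ_get0_data(const ASN1_OBJECT *obj)
{
	if (obj == NULL)
		return NULL;

	return obj->data;
}
LCRYPTO_ALIAS(OBJ_get0_data);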