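/* $OpenBSD: obj_dat.c,v 1.63 2023/12/13 23:28:47 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to. The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 * must display the following acknowledgement:
 * "This product includes cryptographic software written by
 * Eric Young (eay@cryptsoft.com)"
 * The word 'cryptographic' can be left out if the rouines from the library
 * being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 * the apps directory (application code) you must include an acknowledgement:
 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed. i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <ctype.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <openssl/opensslconf.h>

#include <openssl/asn1.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/lhash.h>
#include <openssl/objects.h>

#include "asn1_local.h"

/* obj_dat.h is generated from objects.h by obj_dat.pl */
#include "obj_dat.h"

static int sn_cmp_BSEARCH_CMP_FN(const void *, const void *);
static int sn_cmp(const ASN1_OBJECT * const *, unsigned int const *);
static unsigned int *OBJ_bsearch_sn(const ASN1_OBJECT * *key, unsigned int const *base, int num);
static int ln_cmp_BSEARCH_CMP_FN(const void *, const void *);
static int ln_cmp(const ASN1_OBJECT * const *, unsigned int const *);
static unsigned int *OBJ_bsearch_ln(const ASN1_OBJECT * *key, unsigned int const *base, int num);

/*
 * Index kinds for the table of run-time added objects. Each added object is
 * entered once per kind for which it has a key (see OBJ_add_object()).
 */
#define ADDED_DATA	0
#define ADDED_SNAME	1
#define ADDED_LNAME	2
#define ADDED_NID	3

typedef struct added_obj_st {
	int type;		/* one of the ADDED_* kinds above */
	ASN1_OBJECT *obj;	/* shared by all entries of one added object */
} ADDED_OBJ;
DECLARE_LHASH_OF(ADDED_OBJ);

/*
 * Process-wide state for run-time registered objects.
 * NOTE(review): no locking is visible in this file (OBJ_obj2nid() carries an
 * "XXX - locking" remark); presumably callers have to serialize registration
 * against lookups themselves - confirm.
 */
static int new_nid = NUM_NID;
static LHASH_OF(ADDED_OBJ) *added = NULL;

/* Order a key object against the built-in object nid_objs[*b] by short name. */
static int sn_cmp(const ASN1_OBJECT * const *a, const unsigned int *b)
{
	return (strcmp((*a)->sn, nid_objs[*b].sn));
}


/* void-pointer adapter so that sn_cmp() can be handed to OBJ_bsearch_(). */
static int
sn_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
{
	const ASN1_OBJECT * const *a = a_;
	unsigned int const *b = b_;
	return sn_cmp(a, b);
}

/* Binary search of an index array of nid_objs positions by short name. */
static unsigned int *
OBJ_bsearch_sn(const ASN1_OBJECT * *key, unsigned int const *base, int num)
{
	return (unsigned int *)OBJ_bsearch_(key, base, num, sizeof(unsigned int),
	    sn_cmp_BSEARCH_CMP_FN);
}

/* Order a key object against the built-in object nid_objs[*b] by long name. */
static int ln_cmp(const ASN1_OBJECT * const *a, const unsigned int *b)
{
	return (strcmp((*a)->ln, nid_objs[*b].ln));
}


/* void-pointer adapter so that ln_cmp() can be handed to OBJ_bsearch_(). */
static int
ln_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
{
	const ASN1_OBJECT * const *a = a_;
	unsigned int const *b = b_;
	return ln_cmp(a, b);
}

/* Binary search of an index array of nid_objs positions by long name. */
static unsigned int *
OBJ_bsearch_ln(const ASN1_OBJECT * *key, unsigned int const *base, int num)
{
	return (unsigned int *)OBJ_bsearch_(key, base, num, sizeof(unsigned int),
	    ln_cmp_BSEARCH_CMP_FN);
}

/*
 * Hash callback for the added-object table. The low 30 bits are derived from
 * the key selected by ca->type, the two bits above them hold the type itself.
 * An unknown type hashes to 0.
 */
static unsigned long
added_obj_hash(const ADDED_OBJ *ca)
{
	const ASN1_OBJECT *a;
	int i;
	unsigned long ret = 0;
	unsigned char *p;

	a = ca->obj;
	switch (ca->type) {
	case ADDED_DATA:
		/*
		 * Shift in unsigned arithmetic: shifting the int length or
		 * the int type (2 << 30, 3 << 30) overflows a signed int,
		 * which is undefined behaviour.
		 */
		ret = (unsigned long)a->length << 20L;
		p = (unsigned char *)a->data;
		for (i = 0; i < a->length; i++)
			ret ^= (unsigned long)p[i] << ((i * 3) % 24);
		break;
	case ADDED_SNAME:
		ret = lh_strhash(a->sn);
		break;
	case ADDED_LNAME:
		ret = lh_strhash(a->ln);
		break;
	case ADDED_NID:
		ret = a->nid;
		break;
	default:
		return 0;
	}
	ret &= 0x3fffffffL;
	ret |= (unsigned long)ca->type << 30L;
	return (ret);
}
static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ)

/*
 * Compare callback for the added-object table: entries of different type
 * never match; entries of the same type are compared on that type's key.
 * A NULL name sorts before a non-NULL one.
 */
static int
added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
{
	const ASN1_OBJECT *a, *b;
	int cmp;

	if ((cmp = ca->type - cb->type) != 0)
		return cmp;

	a = ca->obj;
	b = cb->obj;
	switch (ca->type) {
	case ADDED_DATA:
		return OBJ_cmp(a, b);
	case ADDED_SNAME:
		if (a->sn == NULL)
			return -1;
		if (b->sn == NULL)
			return 1;
		return strcmp(a->sn, b->sn);
	case ADDED_LNAME:
		if (a->ln == NULL)
			return -1;
		if (b->ln == NULL)
			return 1;
		return strcmp(a->ln, b->ln);
	case ADDED_NID:
		/*
		 * The lookup key carries a caller-supplied NID, so compare
		 * instead of subtracting: a->nid - b->nid can overflow.
		 */
		return (a->nid > b->nid) - (a->nid < b->nid);
	default:
		return 0;
	}
}
static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ)

/*
 * The three cleanup passes reuse obj->nid as a reference counter, because one
 * ASN1_OBJECT can be referenced by up to four table entries.
 * Pass 1: reset the counter and mark the object and its strings/data dynamic.
 */
static void
cleanup1_doall(ADDED_OBJ *a)
{
	a->obj->nid = 0;
	a->obj->flags |= ASN1_OBJECT_FLAG_DYNAMIC |
	    ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
	    ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}

/* Pass 2: count the table entries that reference each object. */
static void cleanup2_doall(ADDED_OBJ *a)
{
	a->obj->nid++;
}

/*
 * Pass 3: drop one reference per entry, free the object when the last
 * reference goes away, and always free the entry itself.
 */
static void
cleanup3_doall(ADDED_OBJ *a)
{
	if (--a->obj->nid == 0)
		ASN1_OBJECT_free(a->obj);
	free(a);
}

static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ)
static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)

/* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting
 * to use freed up OIDs. If necessary the actual freeing up of OIDs is
 * delayed.
 */

int obj_cleanup_defer = 0;

/* Arm deferred cleanup the first time a run-time added NID is seen. */
void
check_defer(int nid)
{
	if (!obj_cleanup_defer && nid >= NUM_NID)
		obj_cleanup_defer = 1;
}

/*
 * Free every run-time added object and the table holding them. While
 * obj_cleanup_defer is set nothing is freed; the flag is set to 2 instead.
 */
void
OBJ_cleanup(void)
{
	if (obj_cleanup_defer) {
		obj_cleanup_defer = 2;
		return;
	}
	if (added == NULL)
		return;
	lh_ADDED_OBJ_down_load(added) = 0;
	lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */
	lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */
	lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */
	lh_ADDED_OBJ_free(added);
	added = NULL;
}
LCRYPTO_ALIAS(OBJ_cleanup);

/*
 * Reserve num consecutive NIDs and return the first one.
 * Returns NID_undef when num is negative or the counter would overflow:
 * the addition would be undefined behaviour, and a negative num would walk
 * the counter back towards NIDs that have already been handed out.
 */
int
OBJ_new_nid(int num)
{
	int i;

	if (num < 0 || new_nid > INT_MAX - num)
		return (NID_undef);
	i = new_nid;
	new_nid += num;
	return (i);
}
LCRYPTO_ALIAS(OBJ_new_nid);

/*
 * Register a copy of obj in the added-object table, indexed by NID and,
 * where present, by encoded data, short name and long name.
 * Returns the NID of the object, or NID_undef on failure. obj itself is not
 * retained; the caller keeps ownership of it.
 */
int
OBJ_add_object(const ASN1_OBJECT *obj)
{
	ASN1_OBJECT *o = NULL;
	ADDED_OBJ *ao[4] = {NULL, NULL, NULL, NULL}, *aop;
	int i;

	if (added == NULL)
		added = lh_ADDED_OBJ_new();
	if (added == NULL)
		goto err;
	if (obj == NULL || obj->nid == NID_undef)
		goto err;
	if ((o = OBJ_dup(obj)) == NULL)
		goto err;
	/* Allocate every entry up front so that nothing is inserted on failure. */
	if (!(ao[ADDED_NID] = malloc(sizeof(ADDED_OBJ))))
		goto err2;
	if ((o->length != 0) && (obj->data != NULL))
		if (!(ao[ADDED_DATA] = malloc(sizeof(ADDED_OBJ))))
			goto err2;
	if (o->sn != NULL)
		if (!(ao[ADDED_SNAME] = malloc(sizeof(ADDED_OBJ))))
			goto err2;
	if (o->ln != NULL)
		if (!(ao[ADDED_LNAME] = malloc(sizeof(ADDED_OBJ))))
			goto err2;

	for (i = ADDED_DATA; i <= ADDED_NID; i++) {
		if (ao[i] != NULL) {
			ao[i]->type = i;
			ao[i]->obj = o;
			/*
			 * NOTE(review): the return value is only used to free
			 * a displaced entry; a failed insert is not told
			 * apart from a fresh one here - confirm whether the
			 * table's error state should be checked.
			 */
			aop = lh_ADDED_OBJ_insert(added, ao[i]);
			/* memory leak, but should not normally matter */
			free(aop);
		}
	}
	/* The table now owns o; it is marked dynamic again in OBJ_cleanup(). */
	o->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC |
	    ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
	    ASN1_OBJECT_FLAG_DYNAMIC_DATA);

	return (o->nid);

 err2:
	OBJerror(ERR_R_MALLOC_FAILURE);
 err:
	for (i = ADDED_DATA; i <= ADDED_NID; i++)
		free(ao[i]);
	ASN1_OBJECT_free(o);
	return (NID_undef);
}
LCRYPTO_ALIAS(OBJ_add_object);

/*
 * Resolve a NID to its object: NIDs in [0, NUM_NID) index nid_objs directly,
 * any other value is looked up among the run-time additions.
 * Returns NULL when the NID is unknown. OBJ_R_UNKNOWN_NID is raised for that,
 * except when the NID is outside the built-in range and nothing has been
 * added at run time.
 */
static const ASN1_OBJECT *
obj_by_nid(int n)
{
	ADDED_OBJ ad, *adp;
	ASN1_OBJECT ob;

	if ((n >= 0) && (n < NUM_NID)) {
		/* A slot other than NID_undef whose nid is NID_undef is unknown. */
		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
			OBJerror(OBJ_R_UNKNOWN_NID);
			return (NULL);
		}
		return (&nid_objs[n]);
	}
	if (added == NULL)
		return (NULL);

	/* Only ob.nid is read by the ADDED_NID hash and compare callbacks. */
	ad.type = ADDED_NID;
	ad.obj = &ob;
	ob.nid = n;
	if ((adp = lh_ADDED_OBJ_retrieve(added, &ad)) == NULL) {
		OBJerror(OBJ_R_UNKNOWN_NID);
		return (NULL);
	}
	return (adp->obj);
}

/*
 * Return the object for NID n, or NULL if n is unknown. The result points
 * into the built-in table or the added-object table; it is not a copy.
 */
ASN1_OBJECT *
OBJ_nid2obj(int n)
{
	return ((ASN1_OBJECT *)obj_by_nid(n));
}
LCRYPTO_ALIAS(OBJ_nid2obj);

/* Return the short name for NID n, or NULL if n is unknown. */
const char *
OBJ_nid2sn(int n)
{
	const ASN1_OBJECT *obj;

	if ((obj = obj_by_nid(n)) == NULL)
		return (NULL);
	return (obj->sn);
}
LCRYPTO_ALIAS(OBJ_nid2sn);

/* Return the long name for NID n, or NULL if n is unknown. */
const char *
OBJ_nid2ln(int n)
{
	const ASN1_OBJECT *obj;

	if ((obj = obj_by_nid(n)) == NULL)
		return (NULL);
	return (obj->ln);
}
LCRYPTO_ALIAS(OBJ_nid2ln);

/* bsearch() callback: compare an object with the built-in nid_objs[*b]. */
static int
obj_objs_cmp(const void *aobj, const void *b)
{
	const unsigned int *nid = b;

	return OBJ_cmp(aobj, &nid_objs[*nid]);
}

/*
 * Map an object to its NID. An object that already carries a NID is trusted;
 * otherwise its encoding is looked up among the added objects first and the
 * built-in objects second. Returns NID_undef if nothing matches.
 */
int
OBJ_obj2nid(const ASN1_OBJECT *aobj)
{
	const unsigned int *nid;

	if (aobj == NULL || aobj->length == 0)
		return NID_undef;

	if (aobj->nid != NID_undef)
		return aobj->nid;

	/* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */
	if (added != NULL) {
		ADDED_OBJ needle = {
			.type = ADDED_DATA,
			.obj = (ASN1_OBJECT *)aobj,
		};
		ADDED_OBJ *found;

		if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL)
			return found->obj->nid;
	}

	/* obj_objs holds built-in obj NIDs in ascending OBJ_cmp() order. */
	nid = bsearch(aobj, obj_objs, NUM_OBJ, sizeof(unsigned int), obj_objs_cmp);
	if (nid != NULL)
		return *nid;

	return NID_undef;
}
LCRYPTO_ALIAS(OBJ_obj2nid);

/* Convert an object name into an ASN1_OBJECT
 * if "noname" is not set then search for short and long names first.
 * This will convert the "dotted" form into an object: unlike OBJ_txt2nid
 * it can be used with any objects, not just registered ones.
 */

ASN1_OBJECT *
OBJ_txt2obj(const char *s, int no_name)
{
	int nid;

	if (!no_name) {
		if ((nid = OBJ_sn2nid(s)) != NID_undef ||
		    (nid = OBJ_ln2nid(s)) != NID_undef)
			return OBJ_nid2obj(nid);
	}

	return t2i_ASN1_OBJECT_internal(s);
}
LCRYPTO_ALIAS(OBJ_txt2obj);

/*
 * Write the text form of aobj into buf (buf_len bytes); thin wrapper around
 * i2t_ASN1_OBJECT_internal(), whose return value is passed through.
 */
int
OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *aobj, int no_name)
{
	return i2t_ASN1_OBJECT_internal(aobj, buf, buf_len, no_name);
}
LCRYPTO_ALIAS(OBJ_obj2txt);

/*
 * Map a short name, long name or dotted OID string to a NID, or NID_undef.
 * The intermediate object is released before returning.
 */
int
OBJ_txt2nid(const char *s)
{
	ASN1_OBJECT *obj;
	int nid;

	obj = OBJ_txt2obj(s, 0);
	nid = OBJ_obj2nid(obj);
	ASN1_OBJECT_free(obj);
	return nid;
}
LCRYPTO_ALIAS(OBJ_txt2nid);

/*
 * Map a long name to a NID; added objects take precedence over built-in
 * ones. Returns NID_undef if the name is unknown or s is NULL.
 */
int
OBJ_ln2nid(const char *s)
{
	ASN1_OBJECT o;
	const ASN1_OBJECT *oo = &o;
	ADDED_OBJ ad, *adp;
	const unsigned int *op;

	/* ln_cmp() hands the name to strcmp(), which must not see NULL. */
	if (s == NULL)
		return (NID_undef);

	/* Only o.ln is read by the ADDED_LNAME callbacks and by ln_cmp(). */
	o.ln = s;
	if (added != NULL) {
		ad.type = ADDED_LNAME;
		ad.obj = &o;
		adp = lh_ADDED_OBJ_retrieve(added, &ad);
		if (adp != NULL)
			return (adp->obj->nid);
	}
	op = OBJ_bsearch_ln(&oo, ln_objs, NUM_LN);
	if (op == NULL)
		return (NID_undef);
	return (nid_objs[*op].nid);
}
LCRYPTO_ALIAS(OBJ_ln2nid);

/*
 * Map a short name to a NID; added objects take precedence over built-in
 * ones. Returns NID_undef if the name is unknown or s is NULL.
 */
int
OBJ_sn2nid(const char *s)
{
	ASN1_OBJECT o;
	const ASN1_OBJECT *oo = &o;
	ADDED_OBJ ad, *adp;
	const unsigned int *op;

	/* sn_cmp() hands the name to strcmp(), which must not see NULL. */
	if (s == NULL)
		return (NID_undef);

	/* Only o.sn is read by the ADDED_SNAME callbacks and by sn_cmp(). */
	o.sn = s;
	if (added != NULL) {
		ad.type = ADDED_SNAME;
		ad.obj = &o;
		adp = lh_ADDED_OBJ_retrieve(added, &ad);
		if (adp != NULL)
			return (adp->obj->nid);
	}
	op = OBJ_bsearch_sn(&oo, sn_objs, NUM_SN);
	if (op == NULL)
		return (NID_undef);
	return (nid_objs[*op].nid);
}
LCRYPTO_ALIAS(OBJ_sn2nid);

/* Binary search without flags: returns the matching element or NULL. */
const void *
OBJ_bsearch_(const void *key, const void *base, int num, int size,
    int (*cmp)(const void *, const void *))
{
	return OBJ_bsearch_ex_(key, base, num, size, cmp, 0);
}
LCRYPTO_ALIAS(OBJ_bsearch_);

/*
 * Binary search over num elements of size bytes each, sorted according to
 * cmp(key, element).
 *
 * flags:
 *   OBJ_BSEARCH_VALUE_ON_NOMATCH      return the last element probed instead
 *                                     of NULL when nothing matches
 *   OBJ_BSEARCH_FIRST_VALUE_ON_MATCH  return the first of several equal
 *                                     elements
 *
 * Returns NULL for an empty or invalid table (num <= 0 or size <= 0).
 */
const void *
OBJ_bsearch_ex_(const void *key, const void *base_, int num, int size,
    int (*cmp)(const void *, const void *), int flags)
{
	const char *base = base_;
	int l, h, i = 0, c = 0;
	const char *p = NULL;

	/*
	 * A negative num used to skip the loop with c == 0, so that
	 * FIRST_VALUE_ON_MATCH returned base for a table with no elements.
	 */
	if (num <= 0 || size <= 0)
		return (NULL);
	l = 0;
	h = num;
	while (l < h) {
		/* Midpoint and byte offset computed without int overflow. */
		i = l + (h - l) / 2;
		p = &(base[(size_t)i * size]);
		c = (*cmp)(key, p);
		if (c < 0)
			h = i;
		else if (c > 0)
			l = i + 1;
		else
			break;
	}
	if (c != 0 && !(flags & OBJ_BSEARCH_VALUE_ON_NOMATCH))
		p = NULL;
	else if (c == 0 && (flags & OBJ_BSEARCH_FIRST_VALUE_ON_MATCH)) {
		while (i > 0 &&
		    (*cmp)(key, &(base[(size_t)(i - 1) * size])) == 0)
			i--;
		p = &(base[(size_t)i * size]);
	}
	return (p);
}

/*
 * Read object definitions from in, one per line, and register each with
 * OBJ_create(). A line is a dotted OID, optionally followed by a short name
 * and then a long name (the long name runs to the end of the line).
 * Reading stops at end of input, at a line that does not start with an
 * alphanumeric character, or at the first definition that cannot be created.
 * Returns the number of objects created.
 */
int
OBJ_create_objects(BIO *in)
{
	char buf[512];
	int i, num = 0;
	char *o, *s, *l;

	for (;;) {
		/*
		 * Reset all three fields per line. l used to keep its value
		 * from the previous line, so a line without a long name was
		 * registered with whatever bytes the old pointer now
		 * addressed in buf.
		 */
		s = o = l = NULL;
		i = BIO_gets(in, buf, sizeof(buf));
		if (i <= 0)
			return (num);
		/*
		 * Drops the last byte read, which is assumed to be the line
		 * terminator; a final line without one loses its last byte.
		 */
		buf[i - 1] = '\0';
		if (!isalnum((unsigned char)buf[0]))
			return (num);
		o = s = buf;
		while (isdigit((unsigned char)*s) || (*s == '.'))
			s++;
		if (*s != '\0') {
			*(s++) = '\0';
			while (isspace((unsigned char)*s))
				s++;
			if (*s == '\0')
				s = NULL;
			else {
				l = s;
				while ((*l != '\0') &&
				    !isspace((unsigned char)*l))
					l++;
				if (*l != '\0') {
					*(l++) = '\0';
					while (isspace((unsigned char)*l))
						l++;
					if (*l == '\0')
						l = NULL;
				} else
					l = NULL;
			}
		} else
			s = NULL;
		if ((o == NULL) || (*o == '\0'))
			return (num);
		if (!OBJ_create(o, s, l))
			return (num);
		num++;
	}
}
LCRYPTO_ALIAS(OBJ_create_objects);

/*
 * Create an object from a dotted OID string with optional short and long
 * names, assign it a fresh NID and register it.
 * Returns the new NID on success and 0 on failure.
 * NOTE(review): nothing here checks whether oid, sn or ln are already
 * registered, and the NID reserved by OBJ_new_nid() is not returned when a
 * later step fails - confirm that callers accept both.
 */
int
OBJ_create(const char *oid, const char *sn, const char *ln)
{
	int ok = 0;
	ASN1_OBJECT *op = NULL;
	unsigned char *buf;
	int i;

	/* First call sizes the encoding, second call writes it. */
	i = a2d_ASN1_OBJECT(NULL, 0, oid, -1);
	if (i <= 0)
		return (0);

	if ((buf = malloc(i)) == NULL) {
		OBJerror(ERR_R_MALLOC_FAILURE);
		return (0);
	}
	i = a2d_ASN1_OBJECT(buf, i, oid, -1);
	if (i == 0)
		goto err;
	op = (ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1), buf, i, sn, ln);
	if (op == NULL)
		goto err;
	/* OBJ_add_object() stores its own copy, so op and buf are freed below. */
	ok = OBJ_add_object(op);

 err:
	ASN1_OBJECT_free(op);
	free(buf);
	return (ok);
}
LCRYPTO_ALIAS(OBJ_create);

/* Length of the object's encoded data; 0 for NULL or a negative length. */
size_t
OBJ_length(const ASN1_OBJECT *obj)
{
	if (obj == NULL)
		return 0;

	if (obj->length < 0)
		return 0;

	return obj->length;
}
LCRYPTO_ALIAS(OBJ_length);

/* Borrowed pointer to the object's encoded data; NULL if obj is NULL. */
const unsigned char *
OBJ_get0_data(const ASN1_OBJECT *obj)
{
	if (obj == NULL)
		return NULL;

	return obj->data;
}
LCRYPTO_ALIAS(OBJ_get0_data);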