kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5611 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 17d553d299
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '17d553d299'
${ noResults }
boringssl/crypto/obj/obj.c

555 lines
16 KiB
Raw Blame History 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/obj.h>

  58. 

  59. #include <inttypes.h>

  60. #include <limits.h>

  61. #include <string.h>

  62. 

  63. #include <openssl/asn1.h>

  64. #include <openssl/buf.h>

  65. #include <openssl/bytestring.h>

  66. #include <openssl/err.h>

  67. #include <openssl/lhash.h>

  68. #include <openssl/mem.h>

  69. #include <openssl/thread.h>

  70. 

  71. #include "obj_dat.h"

  72. #include "../internal.h"

  73. 

  74. 

  75. DEFINE_LHASH_OF(ASN1_OBJECT)

  76. 

  77. static struct CRYPTO_STATIC_MUTEX global_added_lock = CRYPTO_STATIC_MUTEX_INIT;

  78. // These globals are protected by |global_added_lock|.

  79. static LHASH_OF(ASN1_OBJECT) *global_added_by_data = NULL;

  80. static LHASH_OF(ASN1_OBJECT) *global_added_by_nid = NULL;

  81. static LHASH_OF(ASN1_OBJECT) *global_added_by_short_name = NULL;

  82. static LHASH_OF(ASN1_OBJECT) *global_added_by_long_name = NULL;

  83. 

  84. static struct CRYPTO_STATIC_MUTEX global_next_nid_lock =

  85.     CRYPTO_STATIC_MUTEX_INIT;

  86. static unsigned global_next_nid = NUM_NID;

  87. 

  88. static int obj_next_nid(void) {

  89.   int ret;

  90. 

  91.   CRYPTO_STATIC_MUTEX_lock_write(&global_next_nid_lock);

  92.   ret = global_next_nid++;

  93.   CRYPTO_STATIC_MUTEX_unlock_write(&global_next_nid_lock);

  94. 

  95.   return ret;

  96. }

  97. 

  98. ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) {

  99.   ASN1_OBJECT *r;

  100.   unsigned char *data = NULL;

  101.   char *sn = NULL, *ln = NULL;

  102. 

  103.   if (o == NULL) {

  104.     return NULL;

  105.   }

  106. 

  107.   if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {

  108.     // TODO(fork): this is a little dangerous.

  109.     return (ASN1_OBJECT *)o;

  110.   }

  111. 

  112.   r = ASN1_OBJECT_new();

  113.   if (r == NULL) {

  114.     OPENSSL_PUT_ERROR(OBJ, ERR_R_ASN1_LIB);

  115.     return NULL;

  116.   }

  117.   r->ln = r->sn = NULL;

  118. 

  119.   data = OPENSSL_malloc(o->length);

  120.   if (data == NULL) {

  121.     goto err;

  122.   }

  123.   if (o->data != NULL) {

  124.     OPENSSL_memcpy(data, o->data, o->length);

  125.   }

  126. 

  127.   // once data is attached to an object, it remains const

  128.   r->data = data;

  129.   r->length = o->length;

  130.   r->nid = o->nid;

  131. 

  132.   if (o->ln != NULL) {

  133.     ln = OPENSSL_strdup(o->ln);

  134.     if (ln == NULL) {

  135.       goto err;

  136.     }

  137.   }

  138. 

  139.   if (o->sn != NULL) {

  140.     sn = OPENSSL_strdup(o->sn);

  141.     if (sn == NULL) {

  142.       goto err;

  143.     }

  144.   }

  145. 

  146.   r->sn = sn;

  147.   r->ln = ln;

  148. 

  149.   r->flags =

  150.       o->flags | (ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |

  151.                   ASN1_OBJECT_FLAG_DYNAMIC_DATA);

  152.   return r;

  153. 

  154. err:

  155.   OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE);

  156.   OPENSSL_free(ln);

  157.   OPENSSL_free(sn);

  158.   OPENSSL_free(data);

  159.   OPENSSL_free(r);

  160.   return NULL;

  161. }

  162. 

  163. int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {

  164.   int ret;

  165. 

  166.   ret = a->length - b->length;

  167.   if (ret) {

  168.     return ret;

  169.   }

  170.   return OPENSSL_memcmp(a->data, b->data, a->length);

  171. }

  172. 

  173. const uint8_t *OBJ_get0_data(const ASN1_OBJECT *obj) {

  174.   if (obj == NULL) {

  175.     return NULL;

  176.   }

  177. 

  178.   return obj->data;

  179. }

  180. 

  181. size_t OBJ_length(const ASN1_OBJECT *obj) {

  182.   if (obj == NULL || obj->length < 0) {

  183.     return 0;

  184.   }

  185. 

  186.   return (size_t)obj->length;

  187. }

  188. 

  189. // obj_cmp is called to search the kNIDsInOIDOrder array. The |key| argument is

  190. // an |ASN1_OBJECT|* that we're looking for and |element| is a pointer to an

  191. // unsigned int in the array.

  192. static int obj_cmp(const void *key, const void *element) {

  193.   unsigned nid = *((const unsigned*) element);

  194.   const ASN1_OBJECT *a = key;

  195.   const ASN1_OBJECT *b = &kObjects[nid];

  196. 

  197.   if (a->length < b->length) {

  198.     return -1;

  199.   } else if (a->length > b->length) {

  200.     return 1;

  201.   }

  202.   return OPENSSL_memcmp(a->data, b->data, a->length);

  203. }

  204. 

  205. int OBJ_obj2nid(const ASN1_OBJECT *obj) {

  206.   const unsigned int *nid_ptr;

  207. 

  208.   if (obj == NULL) {

  209.     return NID_undef;

  210.   }

  211. 

  212.   if (obj->nid != 0) {

  213.     return obj->nid;

  214.   }

  215. 

  216.   CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);

  217.   if (global_added_by_data != NULL) {

  218.     ASN1_OBJECT *match;

  219. 

  220.     match = lh_ASN1_OBJECT_retrieve(global_added_by_data, obj);

  221.     if (match != NULL) {

  222.       CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);

  223.       return match->nid;

  224.     }

  225.   }

  226.   CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);

  227. 

  228.   nid_ptr = bsearch(obj, kNIDsInOIDOrder, OPENSSL_ARRAY_SIZE(kNIDsInOIDOrder),

  229.                     sizeof(kNIDsInOIDOrder[0]), obj_cmp);

  230.   if (nid_ptr == NULL) {

  231.     return NID_undef;

  232.   }

  233. 

  234.   return kObjects[*nid_ptr].nid;

  235. }

  236. 

  237. int OBJ_cbs2nid(const CBS *cbs) {

  238.   if (CBS_len(cbs) > INT_MAX) {

  239.     return NID_undef;

  240.   }

  241. 

  242.   ASN1_OBJECT obj;

  243.   OPENSSL_memset(&obj, 0, sizeof(obj));

  244.   obj.data = CBS_data(cbs);

  245.   obj.length = (int)CBS_len(cbs);

  246. 

  247.   return OBJ_obj2nid(&obj);

  248. }

  249. 

  250. // short_name_cmp is called to search the kNIDsInShortNameOrder array. The

  251. // |key| argument is name that we're looking for and |element| is a pointer to

  252. // an unsigned int in the array.

  253. static int short_name_cmp(const void *key, const void *element) {

  254.   const char *name = (const char *) key;

  255.   unsigned nid = *((unsigned*) element);

  256. 

  257.   return strcmp(name, kObjects[nid].sn);

  258. }

  259. 

  260. int OBJ_sn2nid(const char *short_name) {

  261.   const unsigned int *nid_ptr;

  262. 

  263.   CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);

  264.   if (global_added_by_short_name != NULL) {

  265.     ASN1_OBJECT *match, template;

  266. 

  267.     template.sn = short_name;

  268.     match = lh_ASN1_OBJECT_retrieve(global_added_by_short_name, &template);

  269.     if (match != NULL) {

  270.       CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);

  271.       return match->nid;

  272.     }

  273.   }

  274.   CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);

  275. 

  276.   nid_ptr = bsearch(short_name, kNIDsInShortNameOrder,

  277.                     OPENSSL_ARRAY_SIZE(kNIDsInShortNameOrder),

  278.                     sizeof(kNIDsInShortNameOrder[0]), short_name_cmp);

  279.   if (nid_ptr == NULL) {

  280.     return NID_undef;

  281.   }

  282. 

  283.   return kObjects[*nid_ptr].nid;

  284. }

  285. 

  286. // long_name_cmp is called to search the kNIDsInLongNameOrder array. The

  287. // |key| argument is name that we're looking for and |element| is a pointer to

  288. // an unsigned int in the array.

  289. static int long_name_cmp(const void *key, const void *element) {

  290.   const char *name = (const char *) key;

  291.   unsigned nid = *((unsigned*) element);

  292. 

  293.   return strcmp(name, kObjects[nid].ln);

  294. }

  295. 

  296. int OBJ_ln2nid(const char *long_name) {

  297.   const unsigned int *nid_ptr;

  298. 

  299.   CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);

  300.   if (global_added_by_long_name != NULL) {

  301.     ASN1_OBJECT *match, template;

  302. 

  303.     template.ln = long_name;

  304.     match = lh_ASN1_OBJECT_retrieve(global_added_by_long_name, &template);

  305.     if (match != NULL) {

  306.       CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);

  307.       return match->nid;

  308.     }

  309.   }

  310.   CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);

  311. 

  312.   nid_ptr = bsearch(long_name, kNIDsInLongNameOrder,

  313.                     OPENSSL_ARRAY_SIZE(kNIDsInLongNameOrder),

  314.                     sizeof(kNIDsInLongNameOrder[0]), long_name_cmp);

  315.   if (nid_ptr == NULL) {

  316.     return NID_undef;

  317.   }

  318. 

  319.   return kObjects[*nid_ptr].nid;

  320. }

  321. 

  322. int OBJ_txt2nid(const char *s) {

  323.   ASN1_OBJECT *obj;

  324.   int nid;

  325. 

  326.   obj = OBJ_txt2obj(s, 0 /* search names */);

  327.   nid = OBJ_obj2nid(obj);

  328.   ASN1_OBJECT_free(obj);

  329.   return nid;

  330. }

  331. 

  332. OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid) {

  333.   const ASN1_OBJECT *obj = OBJ_nid2obj(nid);

  334.   CBB oid;

  335. 

  336.   if (obj == NULL ||

  337.       !CBB_add_asn1(out, &oid, CBS_ASN1_OBJECT) ||

  338.       !CBB_add_bytes(&oid, obj->data, obj->length) ||

  339.       !CBB_flush(out)) {

  340.     return 0;

  341.   }

  342. 

  343.   return 1;

  344. }

  345. 

  346. const ASN1_OBJECT *OBJ_nid2obj(int nid) {

  347.   if (nid >= 0 && nid < NUM_NID) {

  348.     if (nid != NID_undef && kObjects[nid].nid == NID_undef) {

  349.       goto err;

  350.     }

  351.     return &kObjects[nid];

  352.   }

  353. 

  354.   CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);

  355.   if (global_added_by_nid != NULL) {

  356.     ASN1_OBJECT *match, template;

  357. 

  358.     template.nid = nid;

  359.     match = lh_ASN1_OBJECT_retrieve(global_added_by_nid, &template);

  360.     if (match != NULL) {

  361.       CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);

  362.       return match;

  363.     }

  364.   }

  365.   CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);

  366. 

  367. err:

  368.   OPENSSL_PUT_ERROR(OBJ, OBJ_R_UNKNOWN_NID);

  369.   return NULL;

  370. }

  371. 

  372. const char *OBJ_nid2sn(int nid) {

  373.   const ASN1_OBJECT *obj = OBJ_nid2obj(nid);

  374.   if (obj == NULL) {

  375.     return NULL;

  376.   }

  377. 

  378.   return obj->sn;

  379. }

  380. 

  381. const char *OBJ_nid2ln(int nid) {

  382.   const ASN1_OBJECT *obj = OBJ_nid2obj(nid);

  383.   if (obj == NULL) {

  384.     return NULL;

  385.   }

  386. 

  387.   return obj->ln;

  388. }

  389. 

  390. static ASN1_OBJECT *create_object_with_text_oid(int (*get_nid)(void),

  391.                                                 const char *oid,

  392.                                                 const char *short_name,

  393.                                                 const char *long_name) {

  394.   uint8_t *buf;

  395.   size_t len;

  396.   CBB cbb;

  397.   if (!CBB_init(&cbb, 32) ||

  398.       !CBB_add_asn1_oid_from_text(&cbb, oid, strlen(oid)) ||

  399.       !CBB_finish(&cbb, &buf, &len)) {

  400.     OPENSSL_PUT_ERROR(OBJ, OBJ_R_INVALID_OID_STRING);

  401.     CBB_cleanup(&cbb);

  402.     return NULL;

  403.   }

  404. 

  405.   ASN1_OBJECT *ret = ASN1_OBJECT_create(get_nid ? get_nid() : NID_undef, buf,

  406.                                         len, short_name, long_name);

  407.   OPENSSL_free(buf);

  408.   return ret;

  409. }

  410. 

  411. ASN1_OBJECT *OBJ_txt2obj(const char *s, int dont_search_names) {

  412.   if (!dont_search_names) {

  413.     int nid = OBJ_sn2nid(s);

  414.     if (nid == NID_undef) {

  415.       nid = OBJ_ln2nid(s);

  416.     }

  417. 

  418.     if (nid != NID_undef) {

  419.       return (ASN1_OBJECT*) OBJ_nid2obj(nid);

  420.     }

  421.   }

  422. 

  423.   return create_object_with_text_oid(NULL, s, NULL, NULL);

  424. }

  425. 

  426. static int strlcpy_int(char *dst, const char *src, int dst_size) {

  427.   size_t ret = BUF_strlcpy(dst, src, dst_size < 0 ? 0 : (size_t)dst_size);

  428.   if (ret > INT_MAX) {

  429.     OPENSSL_PUT_ERROR(OBJ, ERR_R_OVERFLOW);

  430.     return -1;

  431.   }

  432.   return (int)ret;

  433. }

  434. 

  435. int OBJ_obj2txt(char *out, int out_len, const ASN1_OBJECT *obj,

  436.                 int always_return_oid) {

  437.   // Python depends on the empty OID successfully encoding as the empty

  438.   // string.

  439.   if (obj == NULL || obj->length == 0) {

  440.     return strlcpy_int(out, "", out_len);

  441.   }

  442. 

  443.   if (!always_return_oid) {

  444.     int nid = OBJ_obj2nid(obj);

  445.     if (nid != NID_undef) {

  446.       const char *name = OBJ_nid2ln(nid);

  447.       if (name == NULL) {

  448.         name = OBJ_nid2sn(nid);

  449.       }

  450.       if (name != NULL) {

  451.         return strlcpy_int(out, name, out_len);

  452.       }

  453.     }

  454.   }

  455. 

  456.   CBS cbs;

  457.   CBS_init(&cbs, obj->data, obj->length);

  458.   char *txt = CBS_asn1_oid_to_text(&cbs);

  459.   if (txt == NULL) {

  460.     if (out_len > 0) {

  461.       out[0] = '\0';

  462.     }

  463.     return -1;

  464.   }

  465. 

  466.   int ret = strlcpy_int(out, txt, out_len);

  467.   OPENSSL_free(txt);

  468.   return ret;

  469. }

  470. 

  471. static uint32_t hash_nid(const ASN1_OBJECT *obj) {

  472.   return obj->nid;

  473. }

  474. 

  475. static int cmp_nid(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {

  476.   return a->nid - b->nid;

  477. }

  478. 

  479. static uint32_t hash_data(const ASN1_OBJECT *obj) {

  480.   return OPENSSL_hash32(obj->data, obj->length);

  481. }

  482. 

  483. static int cmp_data(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {

  484.   int i = a->length - b->length;

  485.   if (i) {

  486.     return i;

  487.   }

  488.   return OPENSSL_memcmp(a->data, b->data, a->length);

  489. }

  490. 

  491. static uint32_t hash_short_name(const ASN1_OBJECT *obj) {

  492.   return lh_strhash(obj->sn);

  493. }

  494. 

  495. static int cmp_short_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {

  496.   return strcmp(a->sn, b->sn);

  497. }

  498. 

  499. static uint32_t hash_long_name(const ASN1_OBJECT *obj) {

  500.   return lh_strhash(obj->ln);

  501. }

  502. 

  503. static int cmp_long_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {

  504.   return strcmp(a->ln, b->ln);

  505. }

  506. 

  507. // obj_add_object inserts |obj| into the various global hashes for run-time

  508. // added objects. It returns one on success or zero otherwise.

  509. static int obj_add_object(ASN1_OBJECT *obj) {

  510.   int ok;

  511.   ASN1_OBJECT *old_object;

  512. 

  513.   obj->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |

  514.                   ASN1_OBJECT_FLAG_DYNAMIC_DATA);

  515. 

  516.   CRYPTO_STATIC_MUTEX_lock_write(&global_added_lock);

  517.   if (global_added_by_nid == NULL) {

  518.     global_added_by_nid = lh_ASN1_OBJECT_new(hash_nid, cmp_nid);

  519.     global_added_by_data = lh_ASN1_OBJECT_new(hash_data, cmp_data);

  520.     global_added_by_short_name = lh_ASN1_OBJECT_new(hash_short_name, cmp_short_name);

  521.     global_added_by_long_name = lh_ASN1_OBJECT_new(hash_long_name, cmp_long_name);

  522.   }

  523. 

  524.   // We don't pay attention to |old_object| (which contains any previous object

  525.   // that was evicted from the hashes) because we don't have a reference count

  526.   // on ASN1_OBJECT values. Also, we should never have duplicates nids and so

  527.   // should always have objects in |global_added_by_nid|.

  528. 

  529.   ok = lh_ASN1_OBJECT_insert(global_added_by_nid, &old_object, obj);

  530.   if (obj->length != 0 && obj->data != NULL) {

  531.     ok &= lh_ASN1_OBJECT_insert(global_added_by_data, &old_object, obj);

  532.   }

  533.   if (obj->sn != NULL) {

  534.     ok &= lh_ASN1_OBJECT_insert(global_added_by_short_name, &old_object, obj);

  535.   }

  536.   if (obj->ln != NULL) {

  537.     ok &= lh_ASN1_OBJECT_insert(global_added_by_long_name, &old_object, obj);

  538.   }

  539.   CRYPTO_STATIC_MUTEX_unlock_write(&global_added_lock);

  540. 

  541.   return ok;

  542. }

  543. 

  544. int OBJ_create(const char *oid, const char *short_name, const char *long_name) {

  545.   ASN1_OBJECT *op =

  546.       create_object_with_text_oid(obj_next_nid, oid, short_name, long_name);

  547.   if (op == NULL ||

  548.       !obj_add_object(op)) {

  549.     return NID_undef;

  550.   }

  551.   return op->nid;

  552. }

  553. 

  554. void OBJ_cleanup(void) {}