1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
57 #if !defined(__STDC_FORMAT_MACROS)
58 #define __STDC_FORMAT_MACROS
61 #include <openssl/obj.h>
67 #include <openssl/asn1.h>
68 #include <openssl/buf.h>
69 #include <openssl/bytestring.h>
70 #include <openssl/err.h>
71 #include <openssl/lhash.h>
72 #include <openssl/mem.h>
73 #include <openssl/thread.h>
76 #include "../internal.h"
79 static struct CRYPTO_STATIC_MUTEX global_added_lock = CRYPTO_STATIC_MUTEX_INIT;
80 // These globals are protected by |global_added_lock|.
81 static LHASH_OF(ASN1_OBJECT) *global_added_by_data = NULL;
82 static LHASH_OF(ASN1_OBJECT) *global_added_by_nid = NULL;
83 static LHASH_OF(ASN1_OBJECT) *global_added_by_short_name = NULL;
84 static LHASH_OF(ASN1_OBJECT) *global_added_by_long_name = NULL;
86 static struct CRYPTO_STATIC_MUTEX global_next_nid_lock =
87 CRYPTO_STATIC_MUTEX_INIT;
88 static unsigned global_next_nid = NUM_NID;
90 static int obj_next_nid(void) {
93 CRYPTO_STATIC_MUTEX_lock_write(&global_next_nid_lock);
94 ret = global_next_nid++;
95 CRYPTO_STATIC_MUTEX_unlock_write(&global_next_nid_lock);
100 ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) {
102 unsigned char *data = NULL;
103 char *sn = NULL, *ln = NULL;
109 if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
110 // TODO(fork): this is a little dangerous.
111 return (ASN1_OBJECT *)o;
114 r = ASN1_OBJECT_new();
116 OPENSSL_PUT_ERROR(OBJ, ERR_R_ASN1_LIB);
119 r->ln = r->sn = NULL;
121 data = OPENSSL_malloc(o->length);
125 if (o->data != NULL) {
126 OPENSSL_memcpy(data, o->data, o->length);
129 // once data is attached to an object, it remains const
131 r->length = o->length;
135 ln = OPENSSL_strdup(o->ln);
142 sn = OPENSSL_strdup(o->sn);
152 o->flags | (ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
153 ASN1_OBJECT_FLAG_DYNAMIC_DATA);
157 OPENSSL_PUT_ERROR(OBJ, ERR_R_MALLOC_FAILURE);
165 int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
168 ret = a->length - b->length;
172 return OPENSSL_memcmp(a->data, b->data, a->length);
175 const uint8_t *OBJ_get0_data(const ASN1_OBJECT *obj) {
183 size_t OBJ_length(const ASN1_OBJECT *obj) {
184 if (obj == NULL || obj->length < 0) {
188 return (size_t)obj->length;
191 // obj_cmp is called to search the kNIDsInOIDOrder array. The |key| argument is
192 // an |ASN1_OBJECT|* that we're looking for and |element| is a pointer to an
193 // unsigned int in the array.
194 static int obj_cmp(const void *key, const void *element) {
195 unsigned nid = *((const unsigned*) element);
196 const ASN1_OBJECT *a = key;
197 const ASN1_OBJECT *b = &kObjects[nid];
199 if (a->length < b->length) {
201 } else if (a->length > b->length) {
204 return OPENSSL_memcmp(a->data, b->data, a->length);
207 int OBJ_obj2nid(const ASN1_OBJECT *obj) {
208 const unsigned int *nid_ptr;
218 CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);
219 if (global_added_by_data != NULL) {
222 match = lh_ASN1_OBJECT_retrieve(global_added_by_data, obj);
224 CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
228 CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
230 nid_ptr = bsearch(obj, kNIDsInOIDOrder, OPENSSL_ARRAY_SIZE(kNIDsInOIDOrder),
231 sizeof(kNIDsInOIDOrder[0]), obj_cmp);
232 if (nid_ptr == NULL) {
236 return kObjects[*nid_ptr].nid;
239 int OBJ_cbs2nid(const CBS *cbs) {
240 if (CBS_len(cbs) > INT_MAX) {
245 OPENSSL_memset(&obj, 0, sizeof(obj));
246 obj.data = CBS_data(cbs);
247 obj.length = (int)CBS_len(cbs);
249 return OBJ_obj2nid(&obj);
252 // short_name_cmp is called to search the kNIDsInShortNameOrder array. The
253 // |key| argument is name that we're looking for and |element| is a pointer to
254 // an unsigned int in the array.
255 static int short_name_cmp(const void *key, const void *element) {
256 const char *name = (const char *) key;
257 unsigned nid = *((unsigned*) element);
259 return strcmp(name, kObjects[nid].sn);
262 int OBJ_sn2nid(const char *short_name) {
263 const unsigned int *nid_ptr;
265 CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);
266 if (global_added_by_short_name != NULL) {
267 ASN1_OBJECT *match, template;
269 template.sn = short_name;
270 match = lh_ASN1_OBJECT_retrieve(global_added_by_short_name, &template);
272 CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
276 CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
278 nid_ptr = bsearch(short_name, kNIDsInShortNameOrder,
279 OPENSSL_ARRAY_SIZE(kNIDsInShortNameOrder),
280 sizeof(kNIDsInShortNameOrder[0]), short_name_cmp);
281 if (nid_ptr == NULL) {
285 return kObjects[*nid_ptr].nid;
288 // long_name_cmp is called to search the kNIDsInLongNameOrder array. The
289 // |key| argument is name that we're looking for and |element| is a pointer to
290 // an unsigned int in the array.
291 static int long_name_cmp(const void *key, const void *element) {
292 const char *name = (const char *) key;
293 unsigned nid = *((unsigned*) element);
295 return strcmp(name, kObjects[nid].ln);
298 int OBJ_ln2nid(const char *long_name) {
299 const unsigned int *nid_ptr;
301 CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);
302 if (global_added_by_long_name != NULL) {
303 ASN1_OBJECT *match, template;
305 template.ln = long_name;
306 match = lh_ASN1_OBJECT_retrieve(global_added_by_long_name, &template);
308 CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
312 CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
314 nid_ptr = bsearch(long_name, kNIDsInLongNameOrder,
315 OPENSSL_ARRAY_SIZE(kNIDsInLongNameOrder),
316 sizeof(kNIDsInLongNameOrder[0]), long_name_cmp);
317 if (nid_ptr == NULL) {
321 return kObjects[*nid_ptr].nid;
324 int OBJ_txt2nid(const char *s) {
328 obj = OBJ_txt2obj(s, 0 /* search names */);
329 nid = OBJ_obj2nid(obj);
330 ASN1_OBJECT_free(obj);
334 OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid) {
335 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
339 !CBB_add_asn1(out, &oid, CBS_ASN1_OBJECT) ||
340 !CBB_add_bytes(&oid, obj->data, obj->length) ||
348 const ASN1_OBJECT *OBJ_nid2obj(int nid) {
349 if (nid >= 0 && nid < NUM_NID) {
350 if (nid != NID_undef && kObjects[nid].nid == NID_undef) {
353 return &kObjects[nid];
356 CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);
357 if (global_added_by_nid != NULL) {
358 ASN1_OBJECT *match, template;
361 match = lh_ASN1_OBJECT_retrieve(global_added_by_nid, &template);
363 CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
367 CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
370 OPENSSL_PUT_ERROR(OBJ, OBJ_R_UNKNOWN_NID);
374 const char *OBJ_nid2sn(int nid) {
375 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
383 const char *OBJ_nid2ln(int nid) {
384 const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
392 static ASN1_OBJECT *create_object_with_text_oid(int (*get_nid)(void),
394 const char *short_name,
395 const char *long_name) {
399 if (!CBB_init(&cbb, 32) ||
400 !CBB_add_asn1_oid_from_text(&cbb, oid, strlen(oid)) ||
401 !CBB_finish(&cbb, &buf, &len)) {
402 OPENSSL_PUT_ERROR(OBJ, OBJ_R_INVALID_OID_STRING);
407 ASN1_OBJECT *ret = ASN1_OBJECT_create(get_nid ? get_nid() : NID_undef, buf,
408 len, short_name, long_name);
413 ASN1_OBJECT *OBJ_txt2obj(const char *s, int dont_search_names) {
414 if (!dont_search_names) {
415 int nid = OBJ_sn2nid(s);
416 if (nid == NID_undef) {
420 if (nid != NID_undef) {
421 return (ASN1_OBJECT*) OBJ_nid2obj(nid);
425 return create_object_with_text_oid(NULL, s, NULL, NULL);
428 static int strlcpy_int(char *dst, const char *src, int dst_size) {
429 size_t ret = BUF_strlcpy(dst, src, dst_size < 0 ? 0 : (size_t)dst_size);
431 OPENSSL_PUT_ERROR(OBJ, ERR_R_OVERFLOW);
437 int OBJ_obj2txt(char *out, int out_len, const ASN1_OBJECT *obj,
438 int always_return_oid) {
439 // Python depends on the empty OID successfully encoding as the empty
441 if (obj == NULL || obj->length == 0) {
442 return strlcpy_int(out, "", out_len);
445 if (!always_return_oid) {
446 int nid = OBJ_obj2nid(obj);
447 if (nid != NID_undef) {
448 const char *name = OBJ_nid2ln(nid);
450 name = OBJ_nid2sn(nid);
453 return strlcpy_int(out, name, out_len);
459 CBS_init(&cbs, obj->data, obj->length);
460 char *txt = CBS_asn1_oid_to_text(&cbs);
468 int ret = strlcpy_int(out, txt, out_len);
473 static uint32_t hash_nid(const ASN1_OBJECT *obj) {
477 static int cmp_nid(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
478 return a->nid - b->nid;
481 static uint32_t hash_data(const ASN1_OBJECT *obj) {
482 return OPENSSL_hash32(obj->data, obj->length);
485 static int cmp_data(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
486 int i = a->length - b->length;
490 return OPENSSL_memcmp(a->data, b->data, a->length);
493 static uint32_t hash_short_name(const ASN1_OBJECT *obj) {
494 return lh_strhash(obj->sn);
497 static int cmp_short_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
498 return strcmp(a->sn, b->sn);
501 static uint32_t hash_long_name(const ASN1_OBJECT *obj) {
502 return lh_strhash(obj->ln);
505 static int cmp_long_name(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
506 return strcmp(a->ln, b->ln);
509 // obj_add_object inserts |obj| into the various global hashes for run-time
510 // added objects. It returns one on success or zero otherwise.
511 static int obj_add_object(ASN1_OBJECT *obj) {
513 ASN1_OBJECT *old_object;
515 obj->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
516 ASN1_OBJECT_FLAG_DYNAMIC_DATA);
518 CRYPTO_STATIC_MUTEX_lock_write(&global_added_lock);
519 if (global_added_by_nid == NULL) {
520 global_added_by_nid = lh_ASN1_OBJECT_new(hash_nid, cmp_nid);
521 global_added_by_data = lh_ASN1_OBJECT_new(hash_data, cmp_data);
522 global_added_by_short_name = lh_ASN1_OBJECT_new(hash_short_name, cmp_short_name);
523 global_added_by_long_name = lh_ASN1_OBJECT_new(hash_long_name, cmp_long_name);
526 // We don't pay attention to |old_object| (which contains any previous object
527 // that was evicted from the hashes) because we don't have a reference count
528 // on ASN1_OBJECT values. Also, we should never have duplicates nids and so
529 // should always have objects in |global_added_by_nid|.
531 ok = lh_ASN1_OBJECT_insert(global_added_by_nid, &old_object, obj);
532 if (obj->length != 0 && obj->data != NULL) {
533 ok &= lh_ASN1_OBJECT_insert(global_added_by_data, &old_object, obj);
535 if (obj->sn != NULL) {
536 ok &= lh_ASN1_OBJECT_insert(global_added_by_short_name, &old_object, obj);
538 if (obj->ln != NULL) {
539 ok &= lh_ASN1_OBJECT_insert(global_added_by_long_name, &old_object, obj);
541 CRYPTO_STATIC_MUTEX_unlock_write(&global_added_lock);
546 int OBJ_create(const char *oid, const char *short_name, const char *long_name) {
548 create_object_with_text_oid(obj_next_nid, oid, short_name, long_name);
550 !obj_add_object(op)) {