a_object.c 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386
  1. /*
  2. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <limits.h>
  11. #include "crypto/ctype.h"
  12. #include "internal/cryptlib.h"
  13. #include <openssl/buffer.h>
  14. #include <openssl/asn1.h>
  15. #include <openssl/objects.h>
  16. #include <openssl/bn.h>
  17. #include "crypto/asn1.h"
  18. #include "asn1_local.h"
  19. int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
  20. {
  21. unsigned char *p, *allocated = NULL;
  22. int objsize;
  23. if ((a == NULL) || (a->data == NULL))
  24. return 0;
  25. objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
  26. if (pp == NULL || objsize == -1)
  27. return objsize;
  28. if (*pp == NULL) {
  29. if ((p = allocated = OPENSSL_malloc(objsize)) == NULL) {
  30. ASN1err(ASN1_F_I2D_ASN1_OBJECT, ERR_R_MALLOC_FAILURE);
  31. return 0;
  32. }
  33. } else {
  34. p = *pp;
  35. }
  36. ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
  37. memcpy(p, a->data, a->length);
  38. /*
  39. * If a new buffer was allocated, just return it back.
  40. * If not, return the incremented buffer pointer.
  41. */
  42. *pp = allocated != NULL ? allocated : p + a->length;
  43. return objsize;
  44. }
  45. int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
  46. {
  47. int i, first, len = 0, c, use_bn;
  48. char ftmp[24], *tmp = ftmp;
  49. int tmpsize = sizeof(ftmp);
  50. const char *p;
  51. unsigned long l;
  52. BIGNUM *bl = NULL;
  53. if (num == 0)
  54. return 0;
  55. else if (num == -1)
  56. num = strlen(buf);
  57. p = buf;
  58. c = *(p++);
  59. num--;
  60. if ((c >= '0') && (c <= '2')) {
  61. first = c - '0';
  62. } else {
  63. ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);
  64. goto err;
  65. }
  66. if (num <= 0) {
  67. ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);
  68. goto err;
  69. }
  70. c = *(p++);
  71. num--;
  72. for (;;) {
  73. if (num <= 0)
  74. break;
  75. if ((c != '.') && (c != ' ')) {
  76. ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR);
  77. goto err;
  78. }
  79. l = 0;
  80. use_bn = 0;
  81. for (;;) {
  82. if (num <= 0)
  83. break;
  84. num--;
  85. c = *(p++);
  86. if ((c == ' ') || (c == '.'))
  87. break;
  88. if (!ossl_isdigit(c)) {
  89. ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_DIGIT);
  90. goto err;
  91. }
  92. if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
  93. use_bn = 1;
  94. if (bl == NULL)
  95. bl = BN_new();
  96. if (bl == NULL || !BN_set_word(bl, l))
  97. goto err;
  98. }
  99. if (use_bn) {
  100. if (!BN_mul_word(bl, 10L)
  101. || !BN_add_word(bl, c - '0'))
  102. goto err;
  103. } else
  104. l = l * 10L + (long)(c - '0');
  105. }
  106. if (len == 0) {
  107. if ((first < 2) && (l >= 40)) {
  108. ASN1err(ASN1_F_A2D_ASN1_OBJECT,
  109. ASN1_R_SECOND_NUMBER_TOO_LARGE);
  110. goto err;
  111. }
  112. if (use_bn) {
  113. if (!BN_add_word(bl, first * 40))
  114. goto err;
  115. } else
  116. l += (long)first *40;
  117. }
  118. i = 0;
  119. if (use_bn) {
  120. int blsize;
  121. blsize = BN_num_bits(bl);
  122. blsize = (blsize + 6) / 7;
  123. if (blsize > tmpsize) {
  124. if (tmp != ftmp)
  125. OPENSSL_free(tmp);
  126. tmpsize = blsize + 32;
  127. tmp = OPENSSL_malloc(tmpsize);
  128. if (tmp == NULL)
  129. goto err;
  130. }
  131. while (blsize--) {
  132. BN_ULONG t = BN_div_word(bl, 0x80L);
  133. if (t == (BN_ULONG)-1)
  134. goto err;
  135. tmp[i++] = (unsigned char)t;
  136. }
  137. } else {
  138. for (;;) {
  139. tmp[i++] = (unsigned char)l & 0x7f;
  140. l >>= 7L;
  141. if (l == 0L)
  142. break;
  143. }
  144. }
  145. if (out != NULL) {
  146. if (len + i > olen) {
  147. ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL);
  148. goto err;
  149. }
  150. while (--i > 0)
  151. out[len++] = tmp[i] | 0x80;
  152. out[len++] = tmp[0];
  153. } else
  154. len += i;
  155. }
  156. if (tmp != ftmp)
  157. OPENSSL_free(tmp);
  158. BN_free(bl);
  159. return len;
  160. err:
  161. if (tmp != ftmp)
  162. OPENSSL_free(tmp);
  163. BN_free(bl);
  164. return 0;
  165. }
  166. int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a)
  167. {
  168. return OBJ_obj2txt(buf, buf_len, a, 0);
  169. }
  170. int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a)
  171. {
  172. char buf[80], *p = buf;
  173. int i;
  174. if ((a == NULL) || (a->data == NULL))
  175. return BIO_write(bp, "NULL", 4);
  176. i = i2t_ASN1_OBJECT(buf, sizeof(buf), a);
  177. if (i > (int)(sizeof(buf) - 1)) {
  178. if ((p = OPENSSL_malloc(i + 1)) == NULL) {
  179. ASN1err(ASN1_F_I2A_ASN1_OBJECT, ERR_R_MALLOC_FAILURE);
  180. return -1;
  181. }
  182. i2t_ASN1_OBJECT(p, i + 1, a);
  183. }
  184. if (i <= 0) {
  185. i = BIO_write(bp, "<INVALID>", 9);
  186. i += BIO_dump(bp, (const char *)a->data, a->length);
  187. return i;
  188. }
  189. BIO_write(bp, p, i);
  190. if (p != buf)
  191. OPENSSL_free(p);
  192. return i;
  193. }
  194. ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
  195. long length)
  196. {
  197. const unsigned char *p;
  198. long len;
  199. int tag, xclass;
  200. int inf, i;
  201. ASN1_OBJECT *ret = NULL;
  202. p = *pp;
  203. inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
  204. if (inf & 0x80) {
  205. i = ASN1_R_BAD_OBJECT_HEADER;
  206. goto err;
  207. }
  208. if (tag != V_ASN1_OBJECT) {
  209. i = ASN1_R_EXPECTING_AN_OBJECT;
  210. goto err;
  211. }
  212. ret = c2i_ASN1_OBJECT(a, &p, len);
  213. if (ret)
  214. *pp = p;
  215. return ret;
  216. err:
  217. ASN1err(ASN1_F_D2I_ASN1_OBJECT, i);
  218. return NULL;
  219. }
  220. ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
  221. long len)
  222. {
  223. ASN1_OBJECT *ret = NULL, tobj;
  224. const unsigned char *p;
  225. unsigned char *data;
  226. int i, length;
  227. /*
  228. * Sanity check OID encoding. Need at least one content octet. MSB must
  229. * be clear in the last octet. can't have leading 0x80 in subidentifiers,
  230. * see: X.690 8.19.2
  231. */
  232. if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
  233. p[len - 1] & 0x80) {
  234. ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
  235. return NULL;
  236. }
  237. /* Now 0 < len <= INT_MAX, so the cast is safe. */
  238. length = (int)len;
  239. /*
  240. * Try to lookup OID in table: these are all valid encodings so if we get
  241. * a match we know the OID is valid.
  242. */
  243. tobj.nid = NID_undef;
  244. tobj.data = p;
  245. tobj.length = length;
  246. tobj.flags = 0;
  247. i = OBJ_obj2nid(&tobj);
  248. if (i != NID_undef) {
  249. /*
  250. * Return shared registered OID object: this improves efficiency
  251. * because we don't have to return a dynamically allocated OID
  252. * and NID lookups can use the cached value.
  253. */
  254. ret = OBJ_nid2obj(i);
  255. if (a) {
  256. ASN1_OBJECT_free(*a);
  257. *a = ret;
  258. }
  259. *pp += len;
  260. return ret;
  261. }
  262. for (i = 0; i < length; i++, p++) {
  263. if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
  264. ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
  265. return NULL;
  266. }
  267. }
  268. if ((a == NULL) || ((*a) == NULL) ||
  269. !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
  270. if ((ret = ASN1_OBJECT_new()) == NULL)
  271. return NULL;
  272. } else {
  273. ret = (*a);
  274. }
  275. p = *pp;
  276. /* detach data from object */
  277. data = (unsigned char *)ret->data;
  278. ret->data = NULL;
  279. /* once detached we can change it */
  280. if ((data == NULL) || (ret->length < length)) {
  281. ret->length = 0;
  282. OPENSSL_free(data);
  283. data = OPENSSL_malloc(length);
  284. if (data == NULL) {
  285. i = ERR_R_MALLOC_FAILURE;
  286. goto err;
  287. }
  288. ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
  289. }
  290. memcpy(data, p, length);
  291. /* If there are dynamic strings, free them here, and clear the flag */
  292. if ((ret->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) != 0) {
  293. OPENSSL_free((char *)ret->sn);
  294. OPENSSL_free((char *)ret->ln);
  295. ret->flags &= ~ASN1_OBJECT_FLAG_DYNAMIC_STRINGS;
  296. }
  297. /* reattach data to object, after which it remains const */
  298. ret->data = data;
  299. ret->length = length;
  300. ret->sn = NULL;
  301. ret->ln = NULL;
  302. /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
  303. p += length;
  304. if (a != NULL)
  305. (*a) = ret;
  306. *pp = p;
  307. return ret;
  308. err:
  309. ASN1err(ASN1_F_C2I_ASN1_OBJECT, i);
  310. if ((a == NULL) || (*a != ret))
  311. ASN1_OBJECT_free(ret);
  312. return NULL;
  313. }
  314. ASN1_OBJECT *ASN1_OBJECT_new(void)
  315. {
  316. ASN1_OBJECT *ret;
  317. ret = OPENSSL_zalloc(sizeof(*ret));
  318. if (ret == NULL) {
  319. ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
  320. return NULL;
  321. }
  322. ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
  323. return ret;
  324. }
  325. void ASN1_OBJECT_free(ASN1_OBJECT *a)
  326. {
  327. if (a == NULL)
  328. return;
  329. if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
  330. #ifndef CONST_STRICT /* disable purely for compile-time strict
  331. * const checking. Doing this on a "real"
  332. * compile will cause memory leaks */
  333. OPENSSL_free((void*)a->sn);
  334. OPENSSL_free((void*)a->ln);
  335. #endif
  336. a->sn = a->ln = NULL;
  337. }
  338. if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
  339. OPENSSL_free((void*)a->data);
  340. a->data = NULL;
  341. a->length = 0;
  342. }
  343. if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
  344. OPENSSL_free(a);
  345. }
  346. ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
  347. const char *sn, const char *ln)
  348. {
  349. ASN1_OBJECT o;
  350. o.sn = sn;
  351. o.ln = ln;
  352. o.data = data;
  353. o.nid = nid;
  354. o.length = len;
  355. o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
  356. ASN1_OBJECT_FLAG_DYNAMIC_DATA;
  357. return OBJ_dup(&o);
  358. }