FEAT: form-oid function for conversion of OID binary value into its numeric string format

Oldes · Oldes · commit f0d33e55e2eb · 2022-02-17T17:33:34.000+01:00
diff --git a/make/rebol3.nest b/make/rebol3.nest
@@ -701,6 +701,8 @@ include-prot-mysql:          [mezz-prot-files: %mezz/prot-mysql.reb         ]
 
 include-prebol:              [mezz-lib-files: %modules/prebol.reb           ]
 
+include-native-oid: [core-files: %core/n-oid.c] ; `form-oid` native (used in DER codec)
+
 include-https: [
 	:include-bincode
 	:include-cryptography
@@ -770,6 +772,7 @@ include-rebol-bulk: [
 	:include-prot-mysql
 
 	:include-dialecting  ;`delect`
+	:include-native-oid  ;`form-oid`
 
 	config: INCLUDE_PNG_FILTER ; includes `filter` and `unfilter` natives
 
diff --git a/src/core/n-oid.c b/src/core/n-oid.c
@@ -0,0 +1,100 @@
+/***********************************************************************
+**
+**  REBOL [R3] Language Interpreter and Run-time Environment
+**
+**  Copyright 2012 REBOL Technologies
+**  Copyright 2012-2022 Rebol Open Source Contributors
+**  REBOL is a trademark of REBOL Technologies
+**
+**  Licensed under the Apache License, Version 2.0 (the "License");
+**  you may not use this file except in compliance with the License.
+**  You may obtain a copy of the License at
+**
+**  http://www.apache.org/licenses/LICENSE-2.0
+**
+**  Unless required by applicable law or agreed to in writing, software
+**  distributed under the License is distributed on an "AS IS" BASIS,
+**  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+**  See the License for the specific language governing permissions and
+**  limitations under the License.
+**
+************************************************************************
+**
+**  Module:  n-oid.c
+**  Summary: native function for object identifiers (OID)
+**  Section: natives
+**  Author:  Oldes
+**  Notes:   Based on code from mbedTLS
+**
+***********************************************************************/
+
+#include <stdio.h>
+#include "sys-core.h"
+
+/***********************************************************************
+**
+*/	REBNATIVE(form_oid)
+/*
+//  form-oid: native [
+//		"Return the x.y.z.... style numeric string for the given OID"
+//		oid [binary!]
+//  ]
+***********************************************************************/
+{
+	REBVAL *val_oid = D_ARG(1);
+	REBSER *out;
+	REBYTE *oid;
+	REBCNT  len, value;
+	int ret = 0;
+	size_t i, n;
+	char *p;
+
+	oid = VAL_BIN_AT(val_oid);
+	len = VAL_LEN(val_oid);
+	out = Make_Binary(3 * len); // len * 3 should be enough to hold the result
+	p = SERIES_DATA(out);
+	n = SERIES_AVAIL(out);
+
+	if (len > 0) {
+		ret = snprintf(p, n, "%d.%d", oid[0] / 40, oid[0] % 40);
+		//Minimal series is 8 bytes so it must be enough to hold first 2 integers
+		//if (ret >= n) {
+		//	Extend_Series(out, ret - n + 1); // may reallocate p!
+		//	p = SERIES_DATA(out) + SERIES_TAIL(out);
+		//	n = SERIES_REST(out) - SERIES_TAIL(out);
+		//	ret = snprintf(p, n, "%d.%d", oid[0] / 40, oid[0] % 40);
+		//}
+		if (ret < 0) return R_ARG1; // error!
+		SERIES_TAIL(out) += ret;
+		n -= (size_t)ret;
+		p += (size_t)ret;
+	}
+
+	value = 0;
+	for (i = 1; i < len; i++) {
+		/* Prevent overflow in value. */
+		if (((value << 7) >> 7) != value)
+			return R_ARG1; // error!
+
+		value <<= 7;
+		value += oid[i] & 0x7F;
+
+		if (!(oid[i] & 0x80)) {
+			/* Last byte */
+			ret = snprintf(p, n, ".%u", value);
+			if (ret >= n) {
+				Extend_Series(out, ret - n + 1); // may reallocate p!
+				p = SERIES_DATA(out) + SERIES_TAIL(out);
+				n = SERIES_AVAIL(out);
+				ret = snprintf(p, n, ".%u", value);
+			}
+			if (ret < 0) return R_ARG1; // error!
+			SERIES_TAIL(out) += ret;
+			n -= (size_t)ret;
+			p += (size_t)ret;
+			value = 0;
+		}
+	}
+	SET_STRING(D_RET, out);
+	return R_RET;
+}
diff --git a/src/mezz/codec-der.reb b/src/mezz/codec-der.reb
@@ -2,10 +2,11 @@ REBOL [
 	title: "REBOL3 codec for DER/BER structures"
 	name: 'codec-der
 	author: "Oldes"
-	version: 0.1.0
-	date:    17-Oct-2018
+	version: 0.2.0
+	date:    17-Feb-2022
 	history: [
 		0.1.0 17-Oct-2018 "Oldes" {Initial version with DECODE and IDENTIFY functions.}
+		0.2.0 17-Feb-2022 "Oldes" {Including `form-id`}
 	]
 	notes: {
 	Useful command for cross-testing:
@@ -198,7 +199,33 @@ register-codec [
 		BMP_STRING        ;= 1e Basic Multilingual Plane/Unicode string
 	]
 
+	form-OID: either find lib 'form-oid [
+		; native version
+		:lib/form-oid
+	][
+		function[
+			"Return the x.y.z.... style numeric string for the given OID"
+			oid [binary!]
+		][
+			len: length?  oid
+			out: make string! 3 * len
+			append out ajoin [to integer! oid/1 / 40  #"."  oid/1 % 40]
+			++ oid
+			value: 0
+			while [not tail? oid][
+				value: (value << 7)
+				value: value + (oid/1 & 127)
+				if oid/1 & 128 = 0 [
+					append append out #"." value
+					value: 0
+				]
+				++ oid
+			]
+			out
+		]
+	]
 	decode-OID: function[
+		"Convert given OID to its name if recognized or a numeric string"
 		oid [binary!]
 		/full "Returns name with group name as a string"
 		/local main name warn
@@ -237,10 +264,16 @@ register-codec [
 					;| #"^(03)"  (name: 'prime192v3)  
 					| #"^(01)"  (name: 'secp192r1)
 				]
+				| #{0403} [
+					  #"^(01)" (name: 'ecdsa-with-SHA224)
+					| #"^(02)" (name: 'ecdsa-with-SHA256)
+					| #"^(03)" (name: 'ecdsa-with-SHA384)
+					| #"^(04)" (name: 'ecdsa-with-SHA512)
+				]
 			]
 			|
 			#{2A864886F70D01} [
-				#{01} (main: "PKCS #1") [
+				#"^(01)" (main: "PKCS #1") [
 					  #"^(01)" (name: 'rsaEncryption)
 					| #"^(02)" (name: 'md2WithRSAEncryption)
 					| #"^(03)" (name: 'md4withRSAEncryption)
@@ -252,13 +285,13 @@ register-codec [
 
 				] end
 				|
-				#{07} (main: "PKCS #7") [
+				#"^(07)" (main: "PKCS #7") [
 					  #"^(01)" (name: 'data)
 					| #"^(02)" (name: 'signedData)
 					| #"^(06)" (name: 'encryptedData)
 				] end
 				|
-				#{09} (main: "PKCS #9") [
+				#"^(09)" (main: "PKCS #9") [
 				;http://oid-info.com/get/1.2.840.113549.1.9
 					  #"^(01)" (name: 'emailAddress warn: "Deprecated, use an altName extension instead")
 					| #"^(03)" (name: 'contentType)
@@ -270,7 +303,7 @@ register-codec [
 					| #"^(34)" (name: 'CMSAlgorithmProtect)
 				] end
 				|
-				#{0C} (main: "PKCS #12") [
+				#"^(0C)" (main: "PKCS #12") [
 					  #{0106}   (name: 'pbeWithSHAAnd40BitRC2-CBC)
 					| #{0103}   (name: 'pbeWithSHAAnd3-KeyTripleDES-CBC)
 					| #{0A0102} (name: 'pkcs-12-pkcs-8ShroudedKeyBag)
@@ -312,8 +345,40 @@ register-codec [
 			|
 			#{2B060105050703} (main: "PKIX key purpose") [
 				  #"^(01)" (name: 'serverAuth)
-				  #"^(02)" (name: 'clientAuth)
+				| #"^(02)" (name: 'clientAuth)
 				| #"^(03)" (name: 'codeSigning)
+				| #"^(04)" (name: 'emailProtection)
+				;| #"^(05)" (name: 'ipsecEndSystem)
+				;| #"^(06)" (name: 'ipsecTunnel)
+				;| #"^(07)" (name: 'ipsecUser)
+				| #"^(08)" (name: 'timeStamping)
+				;| #"^(09)" (name: 'OCSPSigning)
+				;| #"^(0A)" (name: 'dvcs)
+				;| #"^(0B)" (name: 'sbgpCertAAServerAuth)
+				;| #"^(0C)" (name: 'scvp)
+				;| #"^(0D)" (name: 'eapOverPPP)
+				;| #"^(0E)" (name: 'eapOverLAN)
+				;| #"^(0F)" (name: 'scvpServer)
+				;| #"^(10)" (name: 'scvpClient)
+				;| #"^(11)" (name: 'ipsecIKE)
+				;| #"^(12)" (name: 'capwapAC)
+				;| #"^(13)" (name: 'capwapWTP)
+				;| #"^(14)" (name: 'sipDomain)
+				;| #"^(15)" (name: 'secureShellClient)
+				;| #"^(16)" (name: 'secureShellServer)
+				;| #"^(17)" (name: 'sendRouter)
+				;| #"^(18)" (name: 'sendProxiedRouter)
+				;| #"^(19)" (name: 'sendOwner)
+				;| #"^(1A)" (name: 'sendProxiedOwner)
+				;| #"^(1B)" (name: 'cmcCA)
+				;| #"^(1C)" (name: 'cmcRA)
+				;| #"^(1D)" (name: 'cmcArchive)
+				;| #"^(1E)" (name: 'bgpsec-router)
+				;| #"^(1F)" (name: 'BrandIndicatorforMessageIdentification)
+				;| #"^(20)" (name: 'cmKGA)
+				;| #"^(21)" (name: 'rpcTLSClient)
+				;| #"^(22)" (name: 'rpcTLSServer)
+				;| #"^(23)" (name: 'bundleSecurity)
 			] end
 			|
 			#{2B0601040182370201} (main: "Microsoft") [
@@ -328,7 +393,7 @@ register-codec [
 			either full [
 				rejoin [ any [name "<?name>"] " (" any [main "<?main>"] ")"]
 			][	name ]
-		][ oid ]
+		][ form-oid oid ]
 	]
 
 	verbose: 0
diff --git a/src/tests/units/codecs-test.r3 b/src/tests/units/codecs-test.r3
@@ -199,6 +199,14 @@ if find codecs 'der [
 			--assert binary? try [c: b/sequence/sequence/4/2]
 			--assert block? d: decode 'DER c
 
+		--test-- "form-OID"
+			--assert "2.5.29.17" = codecs/der/form-oid #{551D11}
+			--assert "1.2.840.10045.4.3.2" = codecs/der/form-oid #{2A8648CE3D040302}
+
+		--test-- "decode-OID"
+			--assert 'subjectAltName = codecs/der/decode-oid #{551D11}
+			--assert 'ecdsa-with-SHA256 = codecs/der/decode-oid #{2A8648CE3D040302}
+
 	===end-group===
 	codecs/der/verbose: 0
 ]
