Add ASN1_item_i2d_mem_bio(); document and improve also ASN1_item_d2i_bio()

ASN1_item_d2i_bio(): Do not report errors in queue on BIO input being NULL

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15147)

6 files changed, 74 insertions, 1 deletions

diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
index b6faa0f2ae..2c7acb34e0 100644
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@@ -62,6 +62,8 @@ void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
     void *ret = NULL;
     int len;
 
+    if (in == NULL)
+        return NULL;
     len = asn1_d2i_read_bio(in, &b);
     if (len < 0)
         goto err;
diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c
index efc839e615..482ee627b1 100644
--- a/crypto/asn1/a_i2d_fp.c
+++ b/crypto/asn1/a_i2d_fp.c
@@ -109,3 +109,21 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, const void *x)
     OPENSSL_free(b);
     return ret;
 }
+
+BIO *ASN1_item_i2d_mem_bio(const ASN1_ITEM *it, const ASN1_VALUE *val)
+{
+    BIO *res;
+
+    if (it == NULL || val == NULL) {
+        ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+
+    if ((res = BIO_new(BIO_s_mem())) == NULL)
+        return NULL;
+    if (ASN1_item_i2d_bio(it, res, val) <= 0) {
+        BIO_free(res);
+        res = NULL;
+    }
+    return res;
+}
diff --git a/doc/build.info b/doc/build.info
index ec3baa2373..af0e0e0539 100644
--- a/doc/build.info
+++ b/doc/build.info
@@ -514,6 +514,10 @@ DEPEND[html/man3/ASN1_generate_nconf.html]=man3/ASN1_generate_nconf.pod
 GENERATE[html/man3/ASN1_generate_nconf.html]=man3/ASN1_generate_nconf.pod
 DEPEND[man/man3/ASN1_generate_nconf.3]=man3/ASN1_generate_nconf.pod
 GENERATE[man/man3/ASN1_generate_nconf.3]=man3/ASN1_generate_nconf.pod
+DEPEND[html/man3/ASN1_item_d2i_bio.html]=man3/ASN1_item_d2i_bio.pod
+GENERATE[html/man3/ASN1_item_d2i_bio.html]=man3/ASN1_item_d2i_bio.pod
+DEPEND[man/man3/ASN1_item_d2i_bio.3]=man3/ASN1_item_d2i_bio.pod
+GENERATE[man/man3/ASN1_item_d2i_bio.3]=man3/ASN1_item_d2i_bio.pod
 DEPEND[html/man3/ASN1_item_sign.html]=man3/ASN1_item_sign.pod
 GENERATE[html/man3/ASN1_item_sign.html]=man3/ASN1_item_sign.pod
 DEPEND[man/man3/ASN1_item_sign.3]=man3/ASN1_item_sign.pod
@@ -2826,6 +2830,7 @@ html/man3/ASN1_STRING_print_ex.html \
 html/man3/ASN1_TIME_set.html \
 html/man3/ASN1_TYPE_get.html \
 html/man3/ASN1_generate_nconf.html \
+html/man3/ASN1_item_d2i_bio.html \
 html/man3/ASN1_item_sign.html \
 html/man3/ASYNC_WAIT_CTX_new.html \
 html/man3/ASYNC_start_job.html \
@@ -3413,6 +3418,7 @@ man/man3/ASN1_STRING_print_ex.3 \
 man/man3/ASN1_TIME_set.3 \
 man/man3/ASN1_TYPE_get.3 \
 man/man3/ASN1_generate_nconf.3 \
+man/man3/ASN1_item_d2i_bio.3 \
 man/man3/ASN1_item_sign.3 \
 man/man3/ASYNC_WAIT_CTX_new.3 \
 man/man3/ASYNC_start_job.3 \
diff --git a/doc/man3/ASN1_item_d2i_bio.pod b/doc/man3/ASN1_item_d2i_bio.pod
new file mode 100644
index 0000000000..4ec7da838c
--- /dev/null
+++ b/doc/man3/ASN1_item_d2i_bio.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+ASN1_item_d2i_bio,
+ASN1_item_i2d_mem_bio
+- decode and encode DER-encoded ASN.1 structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *pval);
+ BIO *ASN1_item_i2d_mem_bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
+
+=head1 DESCRIPTION
+
+ASN1_item_d2i_bio() decodes the contents of its input BIO I<in>,
+which must be a DER-encoded ASN.1 structure, using the ASN.1 template I<it>
+and places the result in I<*pval> unless I<pval> is NULL.
+If I<in> is NULL it returns NULL, else a pointer to the parsed structure.
+
+ASN1_item_i2d_mem_bio() encodes the given ASN.1 value I<val>
+using the ASN.1 template I<it> and returns the result in a memory BIO.
+
+=head1 RETURN VALUES
+
+ASN1_item_d2i_bio() returns a pointer to an B<ASN1_VALUE> or NULL.
+
+ASN1_item_i2d_mem_bio() returns a pointer to a memory BIO or NULL on error.
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/include/openssl/asn1.h.in b/include/openssl/asn1.h.in
index 6a00b3e7f7..0ee82e7d58 100644
--- a/include/openssl/asn1.h.in
+++ b/include/openssl/asn1.h.in
@@ -784,7 +784,7 @@ void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
                           in, \
                           CHECKED_PPTR_OF(type, x)))
 
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
+void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *pval);
 int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, const void *x);
 
 #  define ASN1_i2d_bio_of(type,i2d,out,x) \
@@ -793,6 +793,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, const void *x);
                   CHECKED_PTR_OF(const type, x)))
 
 int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, const void *x);
+BIO *ASN1_item_i2d_mem_bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
 int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
 int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
 int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 857ed43a52..ac5e6dac31 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4887,6 +4887,7 @@ OSSL_HTTP_get_asn1                      ?	3_0_0	EXIST::FUNCTION:
 OSSL_HTTP_post_asn1                     ?	3_0_0	EXIST::FUNCTION:
 OSSL_HTTP_transfer                      ?	3_0_0	EXIST::FUNCTION:
 OSSL_HTTP_proxy_connect                 ?	3_0_0	EXIST::FUNCTION:
+ASN1_item_i2d_mem_bio                   ?	3_0_0	EXIST::FUNCTION:
 ERR_add_error_txt                       ?	3_0_0	EXIST::FUNCTION:
 ERR_add_error_mem_bio                   ?	3_0_0	EXIST::FUNCTION:
 X509_STORE_CTX_print_verify_cb          ?	3_0_0	EXIST::FUNCTION: