/src/boringssl/crypto/asn1/a_bitstr.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
2 | | * All rights reserved. |
3 | | * |
4 | | * This package is an SSL implementation written |
5 | | * by Eric Young (eay@cryptsoft.com). |
6 | | * The implementation was written so as to conform with Netscapes SSL. |
7 | | * |
8 | | * This library is free for commercial and non-commercial use as long as |
9 | | * the following conditions are aheared to. The following conditions |
10 | | * apply to all code found in this distribution, be it the RC4, RSA, |
11 | | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
12 | | * included with this distribution is covered by the same copyright terms |
13 | | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
14 | | * |
15 | | * Copyright remains Eric Young's, and as such any Copyright notices in |
16 | | * the code are not to be removed. |
17 | | * If this package is used in a product, Eric Young should be given attribution |
18 | | * as the author of the parts of the library used. |
19 | | * This can be in the form of a textual message at program startup or |
20 | | * in documentation (online or textual) provided with the package. |
21 | | * |
22 | | * Redistribution and use in source and binary forms, with or without |
23 | | * modification, are permitted provided that the following conditions |
24 | | * are met: |
25 | | * 1. Redistributions of source code must retain the copyright |
26 | | * notice, this list of conditions and the following disclaimer. |
27 | | * 2. Redistributions in binary form must reproduce the above copyright |
28 | | * notice, this list of conditions and the following disclaimer in the |
29 | | * documentation and/or other materials provided with the distribution. |
30 | | * 3. All advertising materials mentioning features or use of this software |
31 | | * must display the following acknowledgement: |
32 | | * "This product includes cryptographic software written by |
33 | | * Eric Young (eay@cryptsoft.com)" |
34 | | * The word 'cryptographic' can be left out if the rouines from the library |
35 | | * being used are not cryptographic related :-). |
36 | | * 4. If you include any Windows specific code (or a derivative thereof) from |
37 | | * the apps directory (application code) you must include an acknowledgement: |
38 | | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
39 | | * |
40 | | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
41 | | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
42 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
43 | | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
44 | | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
45 | | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
46 | | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
47 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
48 | | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
49 | | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
50 | | * SUCH DAMAGE. |
51 | | * |
52 | | * The licence and distribution terms for any publically available version or |
53 | | * derivative of this code cannot be changed. i.e. this code cannot simply be |
54 | | * copied and put under another distribution licence |
55 | | * [including the GNU Public Licence.] */ |
56 | | |
57 | | #include <openssl/asn1.h> |
58 | | |
59 | | #include <limits.h> |
60 | | #include <string.h> |
61 | | |
62 | | #include <openssl/err.h> |
63 | | #include <openssl/mem.h> |
64 | | |
65 | | #include "../internal.h" |
66 | | #include "internal.h" |
67 | | |
68 | | |
69 | | int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, const unsigned char *d, |
70 | 0 | ossl_ssize_t len) { |
71 | 0 | return ASN1_STRING_set(x, d, len); |
72 | 0 | } |
73 | | |
74 | | int asn1_bit_string_length(const ASN1_BIT_STRING *str, |
75 | 0 | uint8_t *out_padding_bits) { |
76 | 0 | int len = str->length; |
77 | 0 | if (str->flags & ASN1_STRING_FLAG_BITS_LEFT) { |
78 | | // If the string is already empty, it cannot have padding bits. |
79 | 0 | *out_padding_bits = len == 0 ? 0 : str->flags & 0x07; |
80 | 0 | return len; |
81 | 0 | } |
82 | | |
83 | | // TODO(https://crbug.com/boringssl/447): If we move this logic to |
84 | | // |ASN1_BIT_STRING_set_bit|, can we remove this representation? |
85 | 0 | while (len > 0 && str->data[len - 1] == 0) { |
86 | 0 | len--; |
87 | 0 | } |
88 | 0 | uint8_t padding_bits = 0; |
89 | 0 | if (len > 0) { |
90 | 0 | uint8_t last = str->data[len - 1]; |
91 | 0 | assert(last != 0); |
92 | 0 | for (; padding_bits < 7; padding_bits++) { |
93 | 0 | if (last & (1 << padding_bits)) { |
94 | 0 | break; |
95 | 0 | } |
96 | 0 | } |
97 | 0 | } |
98 | 0 | *out_padding_bits = padding_bits; |
99 | 0 | return len; |
100 | 0 | } |
101 | | |
102 | 0 | int ASN1_BIT_STRING_num_bytes(const ASN1_BIT_STRING *str, size_t *out) { |
103 | 0 | uint8_t padding_bits; |
104 | 0 | int len = asn1_bit_string_length(str, &padding_bits); |
105 | 0 | if (padding_bits != 0) { |
106 | 0 | return 0; |
107 | 0 | } |
108 | 0 | *out = len; |
109 | 0 | return 1; |
110 | 0 | } |
111 | | |
112 | 0 | int i2c_ASN1_BIT_STRING(const ASN1_BIT_STRING *a, unsigned char **pp) { |
113 | 0 | if (a == NULL) { |
114 | 0 | return 0; |
115 | 0 | } |
116 | | |
117 | 0 | uint8_t bits; |
118 | 0 | int len = asn1_bit_string_length(a, &bits); |
119 | 0 | if (len > INT_MAX - 1) { |
120 | 0 | OPENSSL_PUT_ERROR(ASN1, ERR_R_OVERFLOW); |
121 | 0 | return 0; |
122 | 0 | } |
123 | 0 | int ret = 1 + len; |
124 | 0 | if (pp == NULL) { |
125 | 0 | return ret; |
126 | 0 | } |
127 | | |
128 | 0 | uint8_t *p = *pp; |
129 | 0 | *(p++) = bits; |
130 | 0 | OPENSSL_memcpy(p, a->data, len); |
131 | 0 | if (len > 0) { |
132 | 0 | p[len - 1] &= (0xff << bits); |
133 | 0 | } |
134 | 0 | p += len; |
135 | 0 | *pp = p; |
136 | 0 | return ret; |
137 | 0 | } |
138 | | |
139 | | ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, |
140 | 0 | const unsigned char **pp, long len) { |
141 | 0 | ASN1_BIT_STRING *ret = NULL; |
142 | 0 | const unsigned char *p; |
143 | 0 | unsigned char *s; |
144 | 0 | int padding; |
145 | |
|
146 | 0 | if (len < 1) { |
147 | 0 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_SHORT); |
148 | 0 | goto err; |
149 | 0 | } |
150 | | |
151 | 0 | if (len > INT_MAX) { |
152 | 0 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG); |
153 | 0 | goto err; |
154 | 0 | } |
155 | | |
156 | 0 | if ((a == NULL) || ((*a) == NULL)) { |
157 | 0 | if ((ret = ASN1_BIT_STRING_new()) == NULL) { |
158 | 0 | return NULL; |
159 | 0 | } |
160 | 0 | } else { |
161 | 0 | ret = (*a); |
162 | 0 | } |
163 | | |
164 | 0 | p = *pp; |
165 | 0 | padding = *(p++); |
166 | 0 | len--; |
167 | 0 | if (padding > 7) { |
168 | 0 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT); |
169 | 0 | goto err; |
170 | 0 | } |
171 | | |
172 | | // Unused bits in a BIT STRING must be zero. |
173 | 0 | uint8_t padding_mask = (1 << padding) - 1; |
174 | 0 | if (padding != 0 && (len < 1 || (p[len - 1] & padding_mask) != 0)) { |
175 | 0 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_BIT_STRING_PADDING); |
176 | 0 | goto err; |
177 | 0 | } |
178 | | |
179 | | // We do this to preserve the settings. If we modify the settings, via |
180 | | // the _set_bit function, we will recalculate on output |
181 | 0 | ret->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); // clear |
182 | 0 | ret->flags |= (ASN1_STRING_FLAG_BITS_LEFT | padding); // set |
183 | |
|
184 | 0 | if (len > 0) { |
185 | 0 | s = OPENSSL_memdup(p, len); |
186 | 0 | if (s == NULL) { |
187 | 0 | goto err; |
188 | 0 | } |
189 | 0 | p += len; |
190 | 0 | } else { |
191 | 0 | s = NULL; |
192 | 0 | } |
193 | | |
194 | 0 | ret->length = (int)len; |
195 | 0 | OPENSSL_free(ret->data); |
196 | 0 | ret->data = s; |
197 | 0 | ret->type = V_ASN1_BIT_STRING; |
198 | 0 | if (a != NULL) { |
199 | 0 | (*a) = ret; |
200 | 0 | } |
201 | 0 | *pp = p; |
202 | 0 | return ret; |
203 | 0 | err: |
204 | 0 | if ((ret != NULL) && ((a == NULL) || (*a != ret))) { |
205 | 0 | ASN1_BIT_STRING_free(ret); |
206 | 0 | } |
207 | 0 | return NULL; |
208 | 0 | } |
209 | | |
210 | | // These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de> |
211 | 0 | int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) { |
212 | 0 | int w, v, iv; |
213 | 0 | unsigned char *c; |
214 | |
|
215 | 0 | w = n / 8; |
216 | 0 | v = 1 << (7 - (n & 0x07)); |
217 | 0 | iv = ~v; |
218 | 0 | if (!value) { |
219 | 0 | v = 0; |
220 | 0 | } |
221 | |
|
222 | 0 | if (a == NULL) { |
223 | 0 | return 0; |
224 | 0 | } |
225 | | |
226 | 0 | a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); // clear, set on write |
227 | |
|
228 | 0 | if ((a->length < (w + 1)) || (a->data == NULL)) { |
229 | 0 | if (!value) { |
230 | 0 | return 1; // Don't need to set |
231 | 0 | } |
232 | 0 | if (a->data == NULL) { |
233 | 0 | c = (unsigned char *)OPENSSL_malloc(w + 1); |
234 | 0 | } else { |
235 | 0 | c = (unsigned char *)OPENSSL_realloc(a->data, w + 1); |
236 | 0 | } |
237 | 0 | if (c == NULL) { |
238 | 0 | return 0; |
239 | 0 | } |
240 | 0 | if (w + 1 - a->length > 0) { |
241 | 0 | OPENSSL_memset(c + a->length, 0, w + 1 - a->length); |
242 | 0 | } |
243 | 0 | a->data = c; |
244 | 0 | a->length = w + 1; |
245 | 0 | } |
246 | 0 | a->data[w] = ((a->data[w]) & iv) | v; |
247 | 0 | while ((a->length > 0) && (a->data[a->length - 1] == 0)) { |
248 | 0 | a->length--; |
249 | 0 | } |
250 | 0 | return 1; |
251 | 0 | } |
252 | | |
253 | 0 | int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n) { |
254 | 0 | int w, v; |
255 | |
|
256 | 0 | w = n / 8; |
257 | 0 | v = 1 << (7 - (n & 0x07)); |
258 | 0 | if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL)) { |
259 | 0 | return 0; |
260 | 0 | } |
261 | 0 | return ((a->data[w] & v) != 0); |
262 | 0 | } |
263 | | |
264 | | // Checks if the given bit string contains only bits specified by |
265 | | // the flags vector. Returns 0 if there is at least one bit set in 'a' |
266 | | // which is not specified in 'flags', 1 otherwise. |
267 | | // 'len' is the length of 'flags'. |
268 | | int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, const unsigned char *flags, |
269 | 0 | int flags_len) { |
270 | 0 | int i, ok; |
271 | | // Check if there is one bit set at all. |
272 | 0 | if (!a || !a->data) { |
273 | 0 | return 1; |
274 | 0 | } |
275 | | |
276 | | // Check each byte of the internal representation of the bit string. |
277 | 0 | ok = 1; |
278 | 0 | for (i = 0; i < a->length && ok; ++i) { |
279 | 0 | unsigned char mask = i < flags_len ? ~flags[i] : 0xff; |
280 | | // We are done if there is an unneeded bit set. |
281 | 0 | ok = (a->data[i] & mask) == 0; |
282 | 0 | } |
283 | 0 | return ok; |
284 | 0 | } |