Created: 2024-11-21 07:03

/src/boringssl/crypto/asn1/asn1_lib.c
1
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
 * All rights reserved.
3
 *
4
 * This package is an SSL implementation written
5
 * by Eric Young (eay@cryptsoft.com).
6
 * The implementation was written so as to conform with Netscapes SSL.
7
 *
8
 * This library is free for commercial and non-commercial use as long as
9
 * the following conditions are aheared to.  The following conditions
10
 * apply to all code found in this distribution, be it the RC4, RSA,
11
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
12
 * included with this distribution is covered by the same copyright terms
13
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
 *
15
 * Copyright remains Eric Young's, and as such any Copyright notices in
16
 * the code are not to be removed.
17
 * If this package is used in a product, Eric Young should be given attribution
18
 * as the author of the parts of the library used.
19
 * This can be in the form of a textual message at program startup or
20
 * in documentation (online or textual) provided with the package.
21
 *
22
 * Redistribution and use in source and binary forms, with or without
23
 * modification, are permitted provided that the following conditions
24
 * are met:
25
 * 1. Redistributions of source code must retain the copyright
26
 *    notice, this list of conditions and the following disclaimer.
27
 * 2. Redistributions in binary form must reproduce the above copyright
28
 *    notice, this list of conditions and the following disclaimer in the
29
 *    documentation and/or other materials provided with the distribution.
30
 * 3. All advertising materials mentioning features or use of this software
31
 *    must display the following acknowledgement:
32
 *    "This product includes cryptographic software written by
33
 *     Eric Young (eay@cryptsoft.com)"
34
 *    The word 'cryptographic' can be left out if the rouines from the library
35
 *    being used are not cryptographic related :-).
36
 * 4. If you include any Windows specific code (or a derivative thereof) from
37
 *    the apps directory (application code) you must include an acknowledgement:
38
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
 *
40
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
 * SUCH DAMAGE.
51
 *
52
 * The licence and distribution terms for any publically available version or
53
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
54
 * copied and put under another distribution licence
55
 * [including the GNU Public Licence.] */
56
57
#include <openssl/asn1.h>
58
59
#include <limits.h>
60
#include <string.h>
61
62
#include <openssl/bytestring.h>
63
#include <openssl/err.h>
64
#include <openssl/mem.h>
65
66
#include "../internal.h"
67
#include "internal.h"
68
69
70
// Cross-module errors from crypto/x509/i2d_pr.c.
71
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_PUBLIC_KEY_TYPE)
72
73
// Cross-module errors from crypto/x509/algorithm.c.
74
OPENSSL_DECLARE_ERROR_REASON(ASN1, CONTEXT_NOT_INITIALISED)
75
OPENSSL_DECLARE_ERROR_REASON(ASN1, DIGEST_AND_KEY_TYPE_NOT_SUPPORTED)
76
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNKNOWN_MESSAGE_DIGEST_ALGORITHM)
77
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNKNOWN_SIGNATURE_ALGORITHM)
78
OPENSSL_DECLARE_ERROR_REASON(ASN1, WRONG_PUBLIC_KEY_TYPE)
79
// Cross-module errors from crypto/x509/asn1_gen.c. TODO(davidben): Remove
80
// these once asn1_gen.c is gone.
81
OPENSSL_DECLARE_ERROR_REASON(ASN1, DEPTH_EXCEEDED)
82
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BITSTRING_FORMAT)
83
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_BOOLEAN)
84
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_FORMAT)
85
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_HEX)
86
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_IMPLICIT_TAG)
87
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_INTEGER)
88
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_NESTED_TAGGING)
89
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_NULL_VALUE)
90
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_OBJECT)
91
OPENSSL_DECLARE_ERROR_REASON(ASN1, ILLEGAL_TIME_VALUE)
92
OPENSSL_DECLARE_ERROR_REASON(ASN1, INTEGER_NOT_ASCII_FORMAT)
93
OPENSSL_DECLARE_ERROR_REASON(ASN1, INVALID_MODIFIER)
94
OPENSSL_DECLARE_ERROR_REASON(ASN1, INVALID_NUMBER)
95
OPENSSL_DECLARE_ERROR_REASON(ASN1, LIST_ERROR)
96
OPENSSL_DECLARE_ERROR_REASON(ASN1, MISSING_VALUE)
97
OPENSSL_DECLARE_ERROR_REASON(ASN1, NOT_ASCII_FORMAT)
98
OPENSSL_DECLARE_ERROR_REASON(ASN1, OBJECT_NOT_ASCII_FORMAT)
99
OPENSSL_DECLARE_ERROR_REASON(ASN1, SEQUENCE_OR_SET_NEEDS_CONFIG)
100
OPENSSL_DECLARE_ERROR_REASON(ASN1, TIME_NOT_ASCII_FORMAT)
101
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNKNOWN_FORMAT)
102
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNKNOWN_TAG)
103
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_TYPE)
104
105
// Limit |ASN1_STRING|s to 64 MiB of data. Most of this module, as well as
106
// downstream code, does not correctly handle overflow. We cap string fields
107
// more tightly than strictly necessary to fit in |int|. This is not expected to
108
// impact real world uses of this field.
109
//
110
// In particular, this limit is small enough that the bit count of a BIT STRING
111
// comfortably fits in an |int|, with room for arithmetic.
#define ASN1_STRING_MAX (64 * 1024 * 1024)
static void asn1_put_length(unsigned char **pp, int length);
// ASN1_get_object reads the header of the ASN.1 element that starts at |*inp|,
// looking at no more than |in_len| bytes. On success it points |*inp| at the
// element's contents, stores the content length in |*out_len|, the tag number
// in |*out_tag| and the tag class in |*out_class|, and returns the tag's
// constructed bit shifted down by |CBS_ASN1_TAG_SHIFT|.
//
// Every rejection takes the same path: |ASN1_R_HEADER_TOO_LONG| is queued and
// 0x80 is returned, with none of the output parameters written. Callers must
// test the return value for 0x80 before using the outputs.
int ASN1_get_object(const unsigned char **inp, long *out_len, int *out_tag,
                    int *out_class, long in_len) {
  CBS_ASN1_TAG tag;
  CBS cbs, body;
  int tag_class, constructed, tag_number;

  // Reject a negative length before the cast to |size_t| below can turn it
  // into a very large buffer size.
  if (in_len < 0) {
    goto err;
  }

  CBS_init(&cbs, *inp, (size_t)in_len);
  if (!CBS_get_any_asn1(&cbs, &body, &tag)) {
    goto err;
  }

  // Bound the length to comfortably fit in an int. Lengths in this module
  // often switch between int and long without overflow checks.
  if (CBS_len(&body) > INT_MAX / 2) {
    goto err;
  }

  // Convert between tag representations.
  tag_class = (tag & CBS_ASN1_CLASS_MASK) >> CBS_ASN1_TAG_SHIFT;
  constructed = (tag & CBS_ASN1_CONSTRUCTED) >> CBS_ASN1_TAG_SHIFT;
  tag_number = tag & CBS_ASN1_TAG_NUMBER_MASK;

  // To avoid ambiguity with V_ASN1_NEG, impose a limit on universal tags.
  if (tag_class == V_ASN1_UNIVERSAL && tag_number > V_ASN1_MAX_UNIVERSAL) {
    goto err;
  }

  *inp = CBS_data(&body);
  *out_len = CBS_len(&body);
  *out_tag = tag_number;
  *out_class = tag_class;
  return constructed;

err:
  OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG);
  return 0x80;
}
// ASN1_put_object writes an ASN.1 identifier and length at |*pp| and advances
// |*pp| past the bytes written. The first byte combines the constructed bit
// (set when |constructed| is non-zero), |xclass| masked with |V_ASN1_PRIVATE|,
// and the tag. Tags of 31 and above are written in the multi-byte form, seven
// bits per byte with the top bit set on every byte but the last.
//
// When |constructed| is 2 the length is written as the single byte 0x80
// (indefinite length) and |length| is ignored; otherwise |length| is encoded by
// |asn1_put_length|.
//
// The function takes no buffer size and performs no bounds check. The caller
// must have reserved enough room at |*pp| beforehand; |ASN1_object_size| in
// this file computes the size of header plus contents.
void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
                     int xclass) {
  unsigned char *out = *pp;
  int lead = constructed ? V_ASN1_CONSTRUCTED : 0;
  lead |= xclass & V_ASN1_PRIVATE;

  if (tag < 31) {
    // Low tag numbers share the identifier byte.
    *out++ = lead | (tag & V_ASN1_PRIMITIVE_TAG);
  } else {
    // All tag bits set in the first byte announce the multi-byte form.
    *out++ = lead | V_ASN1_PRIMITIVE_TAG;

    int num_bytes = 0;
    for (int rest = tag; rest > 0; rest >>= 7) {
      num_bytes++;
    }

    // Fill from the least significant group backwards so the most
    // significant group ends up first.
    for (int pos = num_bytes - 1; pos >= 0; pos--) {
      out[pos] = tag & 0x7f;
      if (pos != num_bytes - 1) {
        out[pos] |= 0x80;
      }
      tag >>= 7;
    }
    out += num_bytes;
  }

  if (constructed == 2) {
    *out++ = 0x80;
  } else {
    asn1_put_length(&out, length);
  }
  *pp = out;
}
// ASN1_put_eoc writes two zero bytes at |*pp|, advances |*pp| past them and
// returns 2, the number of bytes written. The caller must guarantee that at
// least two bytes are writable at |*pp|; nothing here checks it.
//
// This function is no longer used in the library, but some external code
// uses it.
int ASN1_put_eoc(unsigned char **pp) {
  (*pp)[0] = 0;
  (*pp)[1] = 0;
  *pp += 2;
  return 2;
}
// asn1_put_length writes |length| as an ASN.1 length at |*pp| and advances
// |*pp| past it. Values up to 127 take one byte. Larger values take a prefix
// byte of 0x80 plus the byte count, followed by the value in big-endian order.
//
// No bounds check is made on the output buffer. A negative |length| also takes
// the one-byte path and is truncated by the cast, so callers are expected to
// pass only non-negative lengths.
static void asn1_put_length(unsigned char **pp, int length) {
  unsigned char *out = *pp;

  if (length <= 127) {
    *out++ = (unsigned char)length;
    *pp = out;
    return;
  }

  // Count the bytes needed to hold |length|.
  int num_bytes = 0;
  for (int rest = length; rest > 0; rest >>= 8) {
    num_bytes++;
  }
  *out++ = num_bytes | 0x80;

  // Write the least significant byte last.
  for (int pos = num_bytes - 1; pos >= 0; pos--) {
    out[pos] = length & 0xff;
    length >>= 8;
  }
  *pp = out + num_bytes;
}
// ASN1_object_size returns the number of bytes needed for an element with the
// given |tag| and |length| bytes of contents: identifier bytes, length bytes
// and the contents themselves. When |constructed| is 2 it reserves three bytes
// in place of the length encoding (presumably the 0x80 indefinite-length byte
// plus a two-byte end-of-contents marker -- confirm against callers).
//
// It returns -1 if |length| is negative or if the total would not fit in an
// |int|. Callers sizing a buffer from the result must check for -1 first.
int ASN1_object_size(int constructed, int length, int tag) {
  if (length < 0) {
    return -1;
  }

  // One identifier byte, plus one more per seven bits for tags of 31 and up.
  int header = 1;
  if (tag >= 31) {
    for (int rest = tag; rest > 0; rest >>= 7) {
      header++;
    }
  }

  if (constructed == 2) {
    header += 3;
  } else {
    // One length byte, plus one per byte of |length| in the long form.
    header++;
    if (length > 127) {
      for (int rest = length; rest > 0; rest >>= 8) {
        header++;
      }
    }
  }

  // Checked by subtraction so the addition below cannot overflow.
  if (header >= INT_MAX - length) {
    return -1;
  }
  return header + length;
}
// ASN1_STRING_copy makes |dst| a copy of |str|: the bytes are duplicated with
// |ASN1_STRING_set|, then the type and flags are carried over. It returns one
// on success and zero if |str| is NULL or the copy fails. |dst| is dereferenced
// without a NULL check.
//
// NOTE(review): with |dst| == |str| the source pointer handed to
// |ASN1_STRING_set| is |dst|'s own buffer, which that function may reallocate
// before copying from it -- confirm no caller aliases the two.
int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) {
  if (str == NULL || !ASN1_STRING_set(dst, str->data, str->length)) {
    return 0;
  }
  dst->type = str->type;
  dst->flags = str->flags;
  return 1;
}
// ASN1_STRING_dup returns a newly allocated copy of |str|, or NULL if |str| is
// NULL, allocation fails or the copy fails. The caller owns the result and
// releases it with |ASN1_STRING_free|.
ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str) {
  if (str == NULL) {
    return NULL;
  }

  ASN1_STRING *copy = ASN1_STRING_new();
  if (copy != NULL && !ASN1_STRING_copy(copy, str)) {
    // Do not hand back a half-initialised object.
    ASN1_STRING_free(copy);
    copy = NULL;
  }
  return copy;
}
// ASN1_STRING_set sets the contents of |str| to a copy of |len_s| bytes from
// |_data| and returns one on success or zero on failure. A negative |len_s|
// means |_data| is a C string whose length is taken with |strlen|; in that
// case |_data| must not be NULL.
//
// Lengths above |ASN1_STRING_MAX| are rejected with |ERR_R_OVERFLOW|, which
// keeps the stored |int| length from overflowing.
//
// If |_data| is NULL and |len_s| is non-negative, the buffer is sized and
// |str->length| is updated but no bytes are written, so the contents are
// whatever the allocator returned until the caller fills them in.
//
// NOTE(review): if |_data| points into |str->data|, the reallocation below may
// happen before the copy reads from |_data| -- confirm callers never pass an
// aliasing pointer.
int ASN1_STRING_set(ASN1_STRING *str, const void *_data, ossl_ssize_t len_s) {
  const char *data = _data;

  // Measuring a C string needs a pointer to measure.
  if (len_s < 0 && data == NULL) {
    return 0;
  }
  const size_t len = len_s < 0 ? strlen(data) : (size_t)len_s;

  static_assert(ASN1_STRING_MAX < INT_MAX, "len will not overflow int");
  if (len > ASN1_STRING_MAX) {
    OPENSSL_PUT_ERROR(ASN1, ERR_R_OVERFLOW);
    return 0;
  }

  // Allocate when there is no buffer, and resize when the current length does
  // not exceed the new one. One extra byte is reserved for the trailing NUL.
  if (str->data == NULL || str->length <= (int)len) {
    unsigned char *const old = str->data;
    unsigned char *const grown =
        old == NULL ? OPENSSL_malloc(len + 1) : OPENSSL_realloc(old, len + 1);
    if (grown == NULL) {
      // |str->data| still points at the previous buffer.
      return 0;
    }
    str->data = grown;
  }

  str->length = (int)len;
  if (data == NULL) {
    return 1;
  }

  OPENSSL_memcpy(str->data, data, len);
  // Historically, OpenSSL would NUL-terminate most (but not all)
  // |ASN1_STRING|s, in case anyone accidentally passed |str->data| into a
  // function expecting a C string. We retain this behavior for compatibility,
  // but code must not rely on this. See CVE-2021-3712.
  str->data[len] = '\0';
  return 1;
}
// ASN1_STRING_set0 releases the buffer currently held by |str| and installs
// |data| and |len| in its place without copying. |str| then holds |data|, and
// |ASN1_STRING_free| will pass it to |OPENSSL_free|, so it must be memory that
// function can release.
//
// |len| is stored as given: it is not checked for being negative, for
// exceeding |ASN1_STRING_MAX|, or for matching the real size of |data|. No
// trailing NUL is added. The caller is responsible for all three.
void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len) {
  unsigned char *previous = str->data;
  str->data = data;
  str->length = len;
  OPENSSL_free(previous);
}
// ASN1_STRING_new returns a new, empty |ASN1_STRING| of type
// |V_ASN1_OCTET_STRING|, or NULL if allocation fails.
ASN1_STRING *ASN1_STRING_new(void) {
  ASN1_STRING *str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING);
  return str;
}
// ASN1_STRING_type_new allocates an |ASN1_STRING| of the given |type| with no
// data, zero length and no flags. It returns NULL if allocation fails. The
// caller releases the result with |ASN1_STRING_free|.
ASN1_STRING *ASN1_STRING_type_new(int type) {
  ASN1_STRING *str = OPENSSL_malloc(sizeof(*str));
  if (str != NULL) {
    // The allocation is not zeroed here, so each field is set explicitly.
    str->type = type;
    str->flags = 0;
    str->data = NULL;
    str->length = 0;
  }
  return str;
}
// ASN1_STRING_free releases |str| and the buffer it holds. A NULL |str| is a
// no-op. The pointer must not be used after this call.
void ASN1_STRING_free(ASN1_STRING *str) {
  if (str != NULL) {
    OPENSSL_free(str->data);
    OPENSSL_free(str);
  }
}
// ASN1_STRING_cmp orders |a| against |b| and returns a negative value, zero or
// a positive value. The comparison is by length first, then (for BIT STRINGs)
// by padding, then by the bytes, and finally by type. Both arguments are
// dereferenced without a NULL check.
//
// The byte comparison goes through |OPENSSL_memcmp| and its result is returned
// as is, so a non-zero result is not normalised to -1 or 1.
// NOTE(review): this looks like an ordinary early-exit comparison rather than
// a constant-time one -- confirm before using it on secret values.
int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) {
  // Capture padding bits and implicit truncation in BIT STRINGs.
  uint8_t a_padding = 0, b_padding = 0;
  const int a_length = a->type == V_ASN1_BIT_STRING
                           ? asn1_bit_string_length(a, &a_padding)
                           : a->length;
  const int b_length = b->type == V_ASN1_BIT_STRING
                           ? asn1_bit_string_length(b, &b_padding)
                           : b->length;

  if (a_length != b_length) {
    return a_length < b_length ? -1 : 1;
  }

  // In a BIT STRING, the number of bits is 8 * length - padding, so more
  // padding means fewer bits. Invert this comparison so we compare by lengths.
  if (a_padding != b_padding) {
    return a_padding > b_padding ? -1 : 1;
  }

  const int bytes_cmp = OPENSSL_memcmp(a->data, b->data, a_length);
  if (bytes_cmp != 0) {
    return bytes_cmp;
  }

  // Comparing the type first is more natural, but this matches OpenSSL.
  if (a->type != b->type) {
    return a->type < b->type ? -1 : 1;
  }
  return 0;
}
// ASN1_STRING_length returns the stored length of |str| in bytes. Use this
// value, not |strlen|, to bound reads of the string's data.
int ASN1_STRING_length(const ASN1_STRING *str) {
  const int length = str->length;
  return length;
}
// ASN1_STRING_type returns the stored type of |str|.
int ASN1_STRING_type(const ASN1_STRING *str) {
  const int type = str->type;
  return type;
}
// ASN1_STRING_data returns a mutable pointer to the bytes held by |str|, which
// may be NULL. The buffer remains owned by |str|. Read it together with
// |ASN1_STRING_length|; it must not be treated as a NUL-terminated C string.
unsigned char *ASN1_STRING_data(ASN1_STRING *str) {
  unsigned char *bytes = str->data;
  return bytes;
}
// ASN1_STRING_get0_data returns a read-only pointer to the bytes held by
// |str|, which may be NULL. The buffer remains owned by |str|. Read it
// together with |ASN1_STRING_length|; it must not be treated as a
// NUL-terminated C string.
const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *str) {
  const unsigned char *bytes = str->data;
  return bytes;
}