/src/openssl/crypto/asn1/a_bitstr.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <limits.h> |
11 | | #include <stdio.h> |
12 | | #include "internal/cryptlib.h" |
13 | | #include <openssl/asn1.h> |
14 | | #include "asn1_local.h" |
15 | | |
16 | | #include <crypto/asn1.h> |
17 | | |
18 | | static void |
19 | | asn1_bit_string_clear_unused_bits(ASN1_BIT_STRING *abs) |
20 | 0 | { |
21 | 0 | abs->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); |
22 | 0 | } |
23 | | |
24 | | static int asn1_bit_string_set_unused_bits(ASN1_BIT_STRING *abs, |
25 | | uint8_t unused_bits) |
26 | 0 | { |
27 | 0 | if (unused_bits > 7) |
28 | 0 | return 0; |
29 | | |
30 | 0 | asn1_bit_string_clear_unused_bits(abs); |
31 | |
|
32 | 0 | abs->flags |= ASN1_STRING_FLAG_BITS_LEFT | unused_bits; |
33 | |
|
34 | 0 | return 1; |
35 | 0 | } |
36 | | |
37 | | int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len) |
38 | 0 | { |
39 | 0 | return ASN1_STRING_set(x, d, len); |
40 | 0 | } |
41 | | |
42 | | int ossl_i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) |
43 | 0 | { |
44 | 0 | int ret, j, bits, len; |
45 | 0 | unsigned char *p, *d; |
46 | |
|
47 | 0 | if (a == NULL) |
48 | 0 | return 0; |
49 | | |
50 | 0 | len = a->length; |
51 | |
|
52 | 0 | if (len > 0) { |
53 | 0 | if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) { |
54 | 0 | bits = (int)a->flags & 0x07; |
55 | 0 | } else { |
56 | 0 | for (; len > 0; len--) { |
57 | 0 | if (a->data[len - 1]) |
58 | 0 | break; |
59 | 0 | } |
60 | |
|
61 | 0 | if (len == 0) { |
62 | 0 | bits = 0; |
63 | 0 | } else { |
64 | 0 | j = a->data[len - 1]; |
65 | 0 | if (j & 0x01) |
66 | 0 | bits = 0; |
67 | 0 | else if (j & 0x02) |
68 | 0 | bits = 1; |
69 | 0 | else if (j & 0x04) |
70 | 0 | bits = 2; |
71 | 0 | else if (j & 0x08) |
72 | 0 | bits = 3; |
73 | 0 | else if (j & 0x10) |
74 | 0 | bits = 4; |
75 | 0 | else if (j & 0x20) |
76 | 0 | bits = 5; |
77 | 0 | else if (j & 0x40) |
78 | 0 | bits = 6; |
79 | 0 | else if (j & 0x80) |
80 | 0 | bits = 7; |
81 | 0 | else |
82 | 0 | bits = 0; /* should not happen */ |
83 | 0 | } |
84 | 0 | } |
85 | 0 | } else |
86 | 0 | bits = 0; |
87 | |
|
88 | 0 | ret = 1 + len; |
89 | 0 | if (pp == NULL) |
90 | 0 | return ret; |
91 | | |
92 | 0 | p = *pp; |
93 | |
|
94 | 0 | *(p++) = (unsigned char)bits; |
95 | 0 | d = a->data; |
96 | 0 | if (len > 0) { |
97 | 0 | memcpy(p, d, len); |
98 | 0 | p += len; |
99 | 0 | p[-1] &= (0xff << bits); |
100 | 0 | } |
101 | 0 | *pp = p; |
102 | 0 | return ret; |
103 | 0 | } |
104 | | |
105 | | ASN1_BIT_STRING *ossl_c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, |
106 | | const unsigned char **pp, long len) |
107 | 0 | { |
108 | 0 | ASN1_BIT_STRING *ret = NULL; |
109 | 0 | const unsigned char *p; |
110 | 0 | unsigned char *s; |
111 | 0 | int i = 0; |
112 | |
|
113 | 0 | if (len < 1) { |
114 | 0 | i = ASN1_R_STRING_TOO_SHORT; |
115 | 0 | goto err; |
116 | 0 | } |
117 | | |
118 | 0 | if (len > INT_MAX) { |
119 | 0 | i = ASN1_R_STRING_TOO_LONG; |
120 | 0 | goto err; |
121 | 0 | } |
122 | | |
123 | 0 | if ((a == NULL) || ((*a) == NULL)) { |
124 | 0 | if ((ret = ASN1_BIT_STRING_new()) == NULL) |
125 | 0 | return NULL; |
126 | 0 | } else |
127 | 0 | ret = (*a); |
128 | | |
129 | 0 | p = *pp; |
130 | 0 | i = *(p++); |
131 | 0 | if (i > 7) { |
132 | 0 | i = ASN1_R_INVALID_BIT_STRING_BITS_LEFT; |
133 | 0 | goto err; |
134 | 0 | } |
135 | | /* |
136 | | * We do this to preserve the settings. If we modify the settings, via |
137 | | * the _set_bit function, we will recalculate on output |
138 | | */ |
139 | 0 | ossl_asn1_string_set_bits_left(ret, i); |
140 | |
|
141 | 0 | if (len-- > 1) { /* using one because of the bits left byte */ |
142 | 0 | s = OPENSSL_malloc((int)len); |
143 | 0 | if (s == NULL) { |
144 | 0 | goto err; |
145 | 0 | } |
146 | 0 | memcpy(s, p, (int)len); |
147 | 0 | s[len - 1] &= (0xff << i); |
148 | 0 | p += len; |
149 | 0 | } else |
150 | 0 | s = NULL; |
151 | | |
152 | 0 | ASN1_STRING_set0(ret, s, (int)len); |
153 | 0 | ret->type = V_ASN1_BIT_STRING; |
154 | 0 | if (a != NULL) |
155 | 0 | (*a) = ret; |
156 | 0 | *pp = p; |
157 | 0 | return ret; |
158 | 0 | err: |
159 | 0 | if (i != 0) |
160 | 0 | ERR_raise(ERR_LIB_ASN1, i); |
161 | 0 | if ((a == NULL) || (*a != ret)) |
162 | 0 | ASN1_BIT_STRING_free(ret); |
163 | 0 | return NULL; |
164 | 0 | } |
165 | | |
166 | | /* |
167 | | * These next 2 functions from Goetz Babin-Ebell. |
168 | | */ |
169 | | int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) |
170 | 0 | { |
171 | 0 | int w, v, iv; |
172 | 0 | unsigned char *c; |
173 | |
|
174 | 0 | if (n < 0) |
175 | 0 | return 0; |
176 | | |
177 | 0 | w = n / 8; |
178 | 0 | v = 1 << (7 - (n & 0x07)); |
179 | 0 | iv = ~v; |
180 | 0 | if (!value) |
181 | 0 | v = 0; |
182 | |
|
183 | 0 | if (a == NULL) |
184 | 0 | return 0; |
185 | | |
186 | 0 | a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear, set on write */ |
187 | |
|
188 | 0 | if ((a->length < (w + 1)) || (a->data == NULL)) { |
189 | 0 | if (!value) |
190 | 0 | return 1; /* Don't need to set */ |
191 | 0 | c = OPENSSL_clear_realloc(a->data, a->length, w + 1); |
192 | 0 | if (c == NULL) |
193 | 0 | return 0; |
194 | 0 | if (w + 1 - a->length > 0) |
195 | 0 | memset(c + a->length, 0, w + 1 - a->length); |
196 | 0 | a->data = c; |
197 | 0 | a->length = w + 1; |
198 | 0 | } |
199 | 0 | a->data[w] = ((a->data[w]) & iv) | v; |
200 | 0 | while ((a->length > 0) && (a->data[a->length - 1] == 0)) |
201 | 0 | a->length--; |
202 | 0 | return 1; |
203 | 0 | } |
204 | | |
205 | | int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n) |
206 | 0 | { |
207 | 0 | int w, v; |
208 | |
|
209 | 0 | if (n < 0) |
210 | 0 | return 0; |
211 | | |
212 | 0 | w = n / 8; |
213 | 0 | v = 1 << (7 - (n & 0x07)); |
214 | 0 | if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL)) |
215 | 0 | return 0; |
216 | 0 | return ((a->data[w] & v) != 0); |
217 | 0 | } |
218 | | |
219 | | /* |
220 | | * Checks if the given bit string contains only bits specified by |
221 | | * the flags vector. Returns 0 if there is at least one bit set in 'a' |
222 | | * which is not specified in 'flags', 1 otherwise. |
223 | | * 'len' is the length of 'flags'. |
224 | | */ |
225 | | int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, |
226 | | const unsigned char *flags, int flags_len) |
227 | 0 | { |
228 | 0 | int i, ok; |
229 | | /* Check if there is one bit set at all. */ |
230 | 0 | if (!a || !a->data) |
231 | 0 | return 1; |
232 | | |
233 | | /* |
234 | | * Check each byte of the internal representation of the bit string. |
235 | | */ |
236 | 0 | ok = 1; |
237 | 0 | for (i = 0; i < a->length && ok; ++i) { |
238 | 0 | unsigned char mask = i < flags_len ? ~flags[i] : 0xff; |
239 | | /* We are done if there is an unneeded bit set. */ |
240 | 0 | ok = (a->data[i] & mask) == 0; |
241 | 0 | } |
242 | 0 | return ok; |
243 | 0 | } |
244 | | |
245 | | int ASN1_BIT_STRING_get_length(const ASN1_BIT_STRING *abs, size_t *out_length, |
246 | | int *out_unused_bits) |
247 | 0 | { |
248 | 0 | size_t length; |
249 | 0 | int unused_bits; |
250 | |
|
251 | 0 | if (abs == NULL || abs->type != V_ASN1_BIT_STRING) |
252 | 0 | return 0; |
253 | | |
254 | 0 | if (out_length == NULL || out_unused_bits == NULL) |
255 | 0 | return 0; |
256 | | |
257 | 0 | length = abs->length; |
258 | 0 | unused_bits = 0; |
259 | |
|
260 | 0 | if ((abs->flags & ASN1_STRING_FLAG_BITS_LEFT) != 0) |
261 | 0 | unused_bits = abs->flags & 0x07; |
262 | |
|
263 | 0 | if (length == 0 && unused_bits != 0) |
264 | 0 | return 0; |
265 | | |
266 | 0 | if (unused_bits != 0) { |
267 | 0 | unsigned char mask = (1 << unused_bits) - 1; |
268 | 0 | if ((abs->data[length - 1] & mask) != 0) |
269 | 0 | return 0; |
270 | 0 | } |
271 | | |
272 | 0 | *out_length = length; |
273 | 0 | *out_unused_bits = unused_bits; |
274 | |
|
275 | 0 | return 1; |
276 | 0 | } |
277 | | |
278 | | int ASN1_BIT_STRING_set1(ASN1_BIT_STRING *abs, const uint8_t *data, size_t length, |
279 | | int unused_bits) |
280 | 0 | { |
281 | 0 | if (abs == NULL) |
282 | 0 | return 0; |
283 | | |
284 | 0 | if (length > INT_MAX || unused_bits < 0 || unused_bits > 7) |
285 | 0 | return 0; |
286 | | |
287 | 0 | if (length == 0 && unused_bits != 0) |
288 | 0 | return 0; |
289 | | |
290 | 0 | if (length > 0 && (data[length - 1] & ((1 << unused_bits) - 1)) != 0) |
291 | 0 | return 0; |
292 | | |
293 | | /* |
294 | | * XXX - ASN1_STRING_set() and asn1_bit_string_set_unused_bits() preserve the |
295 | | * state of flags irrelevant to ASN1_BIT_STRING. Should we explicitly |
296 | | * clear them? |
297 | | */ |
298 | | |
299 | 0 | if (!ASN1_STRING_set(abs, data, (int)length)) |
300 | 0 | return 0; |
301 | 0 | abs->type = V_ASN1_BIT_STRING; |
302 | |
|
303 | 0 | return asn1_bit_string_set_unused_bits(abs, unused_bits); |
304 | 0 | } |