/src/openssl/crypto/asn1/x_int64.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include <inttypes.h> |
12 | | #include "internal/cryptlib.h" |
13 | | #include "internal/numbers.h" |
14 | | #include <openssl/asn1t.h> |
15 | | #include <openssl/bn.h> |
16 | | #include "asn1_local.h" |
17 | | |
18 | | /* |
19 | | * Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t. |
20 | | * This converts between an ASN1_INTEGER and those types directly. |
21 | | * This is preferred to using the LONG / ZLONG primitives. |
22 | | */ |
23 | | |
24 | | /* |
25 | | * We abuse the ASN1_ITEM fields |size| as a flags field |
26 | | */ |
27 | 0 | #define INTxx_FLAG_ZERO_DEFAULT (1 << 0) |
28 | 0 | #define INTxx_FLAG_SIGNED (1 << 1) |
29 | | |
30 | | static int uint64_new(ASN1_VALUE **pval, const ASN1_ITEM *it) |
31 | 0 | { |
32 | 0 | if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint64_t))) == NULL) |
33 | 0 | return 0; |
34 | 0 | return 1; |
35 | 0 | } |
36 | | |
37 | | static void uint64_free(ASN1_VALUE **pval, const ASN1_ITEM *it) |
38 | 0 | { |
39 | 0 | OPENSSL_free(*pval); |
40 | 0 | *pval = NULL; |
41 | 0 | } |
42 | | |
43 | | static void uint64_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) |
44 | 0 | { |
45 | 0 | **(uint64_t **)pval = 0; |
46 | 0 | } |
47 | | |
48 | | static int uint64_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, |
49 | | const ASN1_ITEM *it) |
50 | 0 | { |
51 | 0 | uint64_t utmp; |
52 | 0 | int neg = 0; |
53 | | /* this exists to bypass broken gcc optimization */ |
54 | 0 | char *cp = (char *)*pval; |
55 | | |
56 | | /* use memcpy, because we may not be uint64_t aligned */ |
57 | 0 | memcpy(&utmp, cp, sizeof(utmp)); |
58 | |
|
59 | 0 | if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT |
60 | 0 | && utmp == 0) |
61 | 0 | return -1; |
62 | 0 | if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED |
63 | 0 | && (int64_t)utmp < 0) { |
64 | | /* ossl_i2c_uint64_int() assumes positive values */ |
65 | 0 | utmp = 0 - utmp; |
66 | 0 | neg = 1; |
67 | 0 | } |
68 | |
|
69 | 0 | return ossl_i2c_uint64_int(cont, utmp, neg); |
70 | 0 | } |
71 | | |
72 | | static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, |
73 | | int utype, char *free_cont, const ASN1_ITEM *it) |
74 | 0 | { |
75 | 0 | uint64_t utmp = 0; |
76 | 0 | char *cp; |
77 | 0 | int neg = 0; |
78 | |
|
79 | 0 | if (*pval == NULL && !uint64_new(pval, it)) |
80 | 0 | return 0; |
81 | | |
82 | 0 | cp = (char *)*pval; |
83 | | |
84 | | /* |
85 | | * Strictly speaking, zero length is malformed. However, long_c2i |
86 | | * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course), |
87 | | * so for the sake of backward compatibility, we still decode zero |
88 | | * length INTEGERs as the number zero. |
89 | | */ |
90 | 0 | if (len == 0) |
91 | 0 | goto long_compat; |
92 | | |
93 | 0 | if (!ossl_c2i_uint64_int(&utmp, &neg, &cont, len)) |
94 | 0 | return 0; |
95 | 0 | if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) { |
96 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE); |
97 | 0 | return 0; |
98 | 0 | } |
99 | 0 | if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED |
100 | 0 | && !neg && utmp > INT64_MAX) { |
101 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE); |
102 | 0 | return 0; |
103 | 0 | } |
104 | 0 | if (neg) |
105 | | /* ossl_c2i_uint64_int() returns positive values */ |
106 | 0 | utmp = 0 - utmp; |
107 | |
|
108 | 0 | long_compat: |
109 | 0 | memcpy(cp, &utmp, sizeof(utmp)); |
110 | 0 | return 1; |
111 | 0 | } |
112 | | |
113 | | static int uint64_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, |
114 | | int indent, const ASN1_PCTX *pctx) |
115 | 0 | { |
116 | 0 | if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED) |
117 | 0 | return BIO_printf(out, "%" PRId64 "\n", **(int64_t **)pval); |
118 | 0 | return BIO_printf(out, "%" PRIu64 "\n", **(uint64_t **)pval); |
119 | 0 | } |
120 | | |
121 | | /* 32-bit variants */ |
122 | | |
123 | | static int uint32_new(ASN1_VALUE **pval, const ASN1_ITEM *it) |
124 | 0 | { |
125 | 0 | if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint32_t))) == NULL) |
126 | 0 | return 0; |
127 | 0 | return 1; |
128 | 0 | } |
129 | | |
130 | | static void uint32_free(ASN1_VALUE **pval, const ASN1_ITEM *it) |
131 | 0 | { |
132 | 0 | OPENSSL_free(*pval); |
133 | 0 | *pval = NULL; |
134 | 0 | } |
135 | | |
136 | | static void uint32_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) |
137 | 0 | { |
138 | 0 | **(uint32_t **)pval = 0; |
139 | 0 | } |
140 | | |
141 | | static int uint32_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, |
142 | | const ASN1_ITEM *it) |
143 | 0 | { |
144 | 0 | uint32_t utmp; |
145 | 0 | int neg = 0; |
146 | | /* this exists to bypass broken gcc optimization */ |
147 | 0 | char *cp = (char *)*pval; |
148 | | |
149 | | /* use memcpy, because we may not be uint32_t aligned */ |
150 | 0 | memcpy(&utmp, cp, sizeof(utmp)); |
151 | |
|
152 | 0 | if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT |
153 | 0 | && utmp == 0) |
154 | 0 | return -1; |
155 | 0 | if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED |
156 | 0 | && (int32_t)utmp < 0) { |
157 | | /* ossl_i2c_uint64_int() assumes positive values */ |
158 | 0 | utmp = 0 - utmp; |
159 | 0 | neg = 1; |
160 | 0 | } |
161 | |
|
162 | 0 | return ossl_i2c_uint64_int(cont, (uint64_t)utmp, neg); |
163 | 0 | } |
164 | | |
165 | | /* |
166 | | * Absolute value of INT32_MIN: we can't just use -INT32_MIN as it produces |
167 | | * overflow warnings. |
168 | | */ |
169 | | |
170 | 0 | #define ABS_INT32_MIN ((uint32_t)INT32_MAX + 1) |
171 | | |
172 | | static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, |
173 | | int utype, char *free_cont, const ASN1_ITEM *it) |
174 | 0 | { |
175 | 0 | uint64_t utmp = 0; |
176 | 0 | uint32_t utmp2 = 0; |
177 | 0 | char *cp; |
178 | 0 | int neg = 0; |
179 | |
|
180 | 0 | if (*pval == NULL && !uint64_new(pval, it)) |
181 | 0 | return 0; |
182 | | |
183 | 0 | cp = (char *)*pval; |
184 | | |
185 | | /* |
186 | | * Strictly speaking, zero length is malformed. However, long_c2i |
187 | | * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course), |
188 | | * so for the sake of backward compatibility, we still decode zero |
189 | | * length INTEGERs as the number zero. |
190 | | */ |
191 | 0 | if (len == 0) |
192 | 0 | goto long_compat; |
193 | | |
194 | 0 | if (!ossl_c2i_uint64_int(&utmp, &neg, &cont, len)) |
195 | 0 | return 0; |
196 | 0 | if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) { |
197 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE); |
198 | 0 | return 0; |
199 | 0 | } |
200 | 0 | if (neg) { |
201 | 0 | if (utmp > ABS_INT32_MIN) { |
202 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_SMALL); |
203 | 0 | return 0; |
204 | 0 | } |
205 | 0 | utmp = 0 - utmp; |
206 | 0 | } else { |
207 | 0 | if (((it->size & INTxx_FLAG_SIGNED) != 0 && utmp > INT32_MAX) |
208 | 0 | || ((it->size & INTxx_FLAG_SIGNED) == 0 && utmp > UINT32_MAX)) { |
209 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE); |
210 | 0 | return 0; |
211 | 0 | } |
212 | 0 | } |
213 | | |
214 | 0 | long_compat: |
215 | 0 | utmp2 = (uint32_t)utmp; |
216 | 0 | memcpy(cp, &utmp2, sizeof(utmp2)); |
217 | 0 | return 1; |
218 | 0 | } |
219 | | |
220 | | static int uint32_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, |
221 | | int indent, const ASN1_PCTX *pctx) |
222 | 0 | { |
223 | 0 | if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED) |
224 | 0 | return BIO_printf(out, "%d\n", (int)**(int32_t **)pval); |
225 | 0 | return BIO_printf(out, "%u\n", (unsigned int)**(uint32_t **)pval); |
226 | 0 | } |
227 | | |
228 | | /* Define the primitives themselves */ |
229 | | |
230 | | static ASN1_PRIMITIVE_FUNCS uint32_pf = { |
231 | | NULL, 0, |
232 | | uint32_new, |
233 | | uint32_free, |
234 | | uint32_clear, |
235 | | uint32_c2i, |
236 | | uint32_i2c, |
237 | | uint32_print |
238 | | }; |
239 | | |
240 | | static ASN1_PRIMITIVE_FUNCS uint64_pf = { |
241 | | NULL, 0, |
242 | | uint64_new, |
243 | | uint64_free, |
244 | | uint64_clear, |
245 | | uint64_c2i, |
246 | | uint64_i2c, |
247 | | uint64_print |
248 | | }; |
249 | | |
250 | 0 | ASN1_ITEM_start(INT32) |
251 | 0 | ASN1_ITYPE_PRIMITIVE, |
252 | 0 | V_ASN1_INTEGER, NULL, 0, &uint32_pf, |
253 | 0 | INTxx_FLAG_SIGNED, "INT32" ASN1_ITEM_end(INT32) |
254 | | |
255 | 0 | ASN1_ITEM_start(UINT32) ASN1_ITYPE_PRIMITIVE, |
256 | 0 | V_ASN1_INTEGER, NULL, 0, &uint32_pf, 0, "UINT32" ASN1_ITEM_end(UINT32) |
257 | | |
258 | 0 | ASN1_ITEM_start(INT64) ASN1_ITYPE_PRIMITIVE, |
259 | 0 | V_ASN1_INTEGER, NULL, 0, &uint64_pf, |
260 | 0 | INTxx_FLAG_SIGNED, "INT64" ASN1_ITEM_end(INT64) |
261 | | |
262 | 0 | ASN1_ITEM_start(UINT64) ASN1_ITYPE_PRIMITIVE, |
263 | 0 | V_ASN1_INTEGER, NULL, 0, &uint64_pf, 0, "UINT64" ASN1_ITEM_end(UINT64) |
264 | | |
265 | 0 | ASN1_ITEM_start(ZINT32) ASN1_ITYPE_PRIMITIVE, |
266 | 0 | V_ASN1_INTEGER, NULL, 0, &uint32_pf, |
267 | 0 | INTxx_FLAG_ZERO_DEFAULT | INTxx_FLAG_SIGNED, "ZINT32" ASN1_ITEM_end(ZINT32) |
268 | | |
269 | 0 | ASN1_ITEM_start(ZUINT32) ASN1_ITYPE_PRIMITIVE, |
270 | 0 | V_ASN1_INTEGER, NULL, 0, &uint32_pf, |
271 | 0 | INTxx_FLAG_ZERO_DEFAULT, "ZUINT32" ASN1_ITEM_end(ZUINT32) |
272 | | |
273 | 0 | ASN1_ITEM_start(ZINT64) ASN1_ITYPE_PRIMITIVE, |
274 | 0 | V_ASN1_INTEGER, NULL, 0, &uint64_pf, |
275 | 0 | INTxx_FLAG_ZERO_DEFAULT | INTxx_FLAG_SIGNED, "ZINT64" ASN1_ITEM_end(ZINT64) |
276 | | |
277 | 0 | ASN1_ITEM_start(ZUINT64) ASN1_ITYPE_PRIMITIVE, |
278 | 0 | V_ASN1_INTEGER, NULL, 0, &uint64_pf, |
279 | 0 | INTxx_FLAG_ZERO_DEFAULT, "ZUINT64" ASN1_ITEM_end(ZUINT64) |