/src/openssl30/crypto/asn1/x_int64.c

Source (jump to first uncovered line)
/*
 * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include "internal/numbers.h"
#include <openssl/asn1t.h>
#include <openssl/bn.h>
#include "asn1_local.h"

/*
 * Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t.
 * This converts between an ASN1_INTEGER and those types directly.
 * This is preferred to using the LONG / ZLONG primitives.
 */

/*
 * We abuse the ASN1_ITEM fields |size| as a flags field
 */
#define INTxx_FLAG_ZERO_DEFAULT (1<<0)
#define INTxx_FLAG_SIGNED       (1<<1)

static int uint64_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint64_t))) == NULL) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    return 1;
}

static void uint64_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    OPENSSL_free(*pval);
    *pval = NULL;
}

static void uint64_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    **(uint64_t **)pval = 0;
}

static int uint64_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
                      const ASN1_ITEM *it)
{
    uint64_t utmp;
    int neg = 0;
    /* this exists to bypass broken gcc optimization */
    char *cp = (char *)*pval;

    /* use memcpy, because we may not be uint64_t aligned */
    memcpy(&utmp, cp, sizeof(utmp));

    if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT
        && utmp == 0)
        return -1;
    if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
        && (int64_t)utmp < 0) {
        /* ossl_i2c_uint64_int() assumes positive values */
        utmp = 0 - utmp;
        neg = 1;
    }

    return ossl_i2c_uint64_int(cont, utmp, neg);
}

static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
                      int utype, char *free_cont, const ASN1_ITEM *it)
{
    uint64_t utmp = 0;
    char *cp;
    int neg = 0;

    if (*pval == NULL && !uint64_new(pval, it))
        return 0;

    cp = (char *)*pval;

    /*
     * Strictly speaking, zero length is malformed.  However, long_c2i
     * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
     * so for the sake of backward compatibility, we still decode zero
     * length INTEGERs as the number zero.
     */
    if (len == 0)
        goto long_compat;

    if (!ossl_c2i_uint64_int(&utmp, &neg, &cont, len))
        return 0;
    if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
        ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
        return 0;
    }
    if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
            && !neg && utmp > INT64_MAX) {
        ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE);
        return 0;
    }
    if (neg)
        /* ossl_c2i_uint64_int() returns positive values */
        utmp = 0 - utmp;

 long_compat:
    memcpy(cp, &utmp, sizeof(utmp));
    return 1;
}

static int uint64_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
                        int indent, const ASN1_PCTX *pctx)
{
    if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
        return BIO_printf(out, "%jd\n", **(int64_t **)pval);
    return BIO_printf(out, "%ju\n", **(uint64_t **)pval);
}

/* 32-bit variants */

static int uint32_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint32_t))) == NULL) {
        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    return 1;
}

static void uint32_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    OPENSSL_free(*pval);
    *pval = NULL;
}

static void uint32_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    **(uint32_t **)pval = 0;
}

static int uint32_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
                      const ASN1_ITEM *it)
{
    uint32_t utmp;
    int neg = 0;
    /* this exists to bypass broken gcc optimization */
    char *cp = (char *)*pval;

    /* use memcpy, because we may not be uint32_t aligned */
    memcpy(&utmp, cp, sizeof(utmp));

    if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT
        && utmp == 0)
        return -1;
    if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
        && (int32_t)utmp < 0) {
        /* ossl_i2c_uint64_int() assumes positive values */
        utmp = 0 - utmp;
        neg = 1;
    }

    return ossl_i2c_uint64_int(cont, (uint64_t)utmp, neg);
}

/*
 * Absolute value of INT32_MIN: we can't just use -INT32_MIN as it produces
 * overflow warnings.
 */

#define ABS_INT32_MIN ((uint32_t)INT32_MAX + 1)

static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
                      int utype, char *free_cont, const ASN1_ITEM *it)
{
    uint64_t utmp = 0;
    uint32_t utmp2 = 0;
    char *cp;
    int neg = 0;

    if (*pval == NULL && !uint64_new(pval, it))
        return 0;

    cp = (char *)*pval;

    /*
     * Strictly speaking, zero length is malformed.  However, long_c2i
     * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
     * so for the sake of backward compatibility, we still decode zero
     * length INTEGERs as the number zero.
     */
    if (len == 0)
        goto long_compat;

    if (!ossl_c2i_uint64_int(&utmp, &neg, &cont, len))
        return 0;
    if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
        ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
        return 0;
    }
    if (neg) {
        if (utmp > ABS_INT32_MIN) {
            ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_SMALL);
            return 0;
        }
        utmp = 0 - utmp;
    } else {
        if (((it->size & INTxx_FLAG_SIGNED) != 0 && utmp > INT32_MAX)
            || ((it->size & INTxx_FLAG_SIGNED) == 0 && utmp > UINT32_MAX)) {
            ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE);
            return 0;
        }
    }

 long_compat:
    utmp2 = (uint32_t)utmp;
    memcpy(cp, &utmp2, sizeof(utmp2));
    return 1;
}

static int uint32_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
                        int indent, const ASN1_PCTX *pctx)
{
    if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
        return BIO_printf(out, "%d\n", **(int32_t **)pval);
    return BIO_printf(out, "%u\n", **(uint32_t **)pval);
}


/* Define the primitives themselves */

static ASN1_PRIMITIVE_FUNCS uint32_pf = {
    NULL, 0,
    uint32_new,
    uint32_free,
    uint32_clear,
    uint32_c2i,
    uint32_i2c,
    uint32_print
};

static ASN1_PRIMITIVE_FUNCS uint64_pf = {
    NULL, 0,
    uint64_new,
    uint64_free,
    uint64_clear,
    uint64_c2i,
    uint64_i2c,
    uint64_print
};

ASN1_ITEM_start(INT32)
    ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
    INTxx_FLAG_SIGNED, "INT32"
ASN1_ITEM_end(INT32)

ASN1_ITEM_start(UINT32)
    ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf, 0, "UINT32"
ASN1_ITEM_end(UINT32)

ASN1_ITEM_start(INT64)
    ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
    INTxx_FLAG_SIGNED, "INT64"
ASN1_ITEM_end(INT64)

ASN1_ITEM_start(UINT64)
    ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf, 0, "UINT64"
ASN1_ITEM_end(UINT64)

ASN1_ITEM_start(ZINT32)
    ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
    INTxx_FLAG_ZERO_DEFAULT|INTxx_FLAG_SIGNED, "ZINT32"
ASN1_ITEM_end(ZINT32)

ASN1_ITEM_start(ZUINT32)
    ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
    INTxx_FLAG_ZERO_DEFAULT, "ZUINT32"
ASN1_ITEM_end(ZUINT32)

ASN1_ITEM_start(ZINT64)
    ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
    INTxx_FLAG_ZERO_DEFAULT|INTxx_FLAG_SIGNED, "ZINT64"
ASN1_ITEM_end(ZINT64)

ASN1_ITEM_start(ZUINT64)
    ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
    INTxx_FLAG_ZERO_DEFAULT, "ZUINT64"
ASN1_ITEM_end(ZUINT64)


Coverage Report

Created: 2023-06-08 06:43

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "internal/cryptlib.h"
12		#include "internal/numbers.h"
13		#include <openssl/asn1t.h>
14		#include <openssl/bn.h>
15		#include "asn1_local.h"
16
17		/*
18		* Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t.
19		* This converts between an ASN1_INTEGER and those types directly.
20		* This is preferred to using the LONG / ZLONG primitives.
21		*/
22
23		/*
24		* We abuse the ASN1_ITEM fields \|size\| as a flags field
25		*/
26	444k	#define INTxx_FLAG_ZERO_DEFAULT (1<<0)
27	941k	#define INTxx_FLAG_SIGNED (1<<1)
28
29		static int uint64_new(ASN1_VALUE *pval, const ASN1_ITEM it)
30	4.12k	{
31	4.12k	if ((pval = (ASN1_VALUE )OPENSSL_zalloc(sizeof(uint64_t))) == NULL) {
32	0	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
33	0	return 0;
34	0	}
35	4.12k	return 1;
36	4.12k	}
37
38		static void uint64_free(ASN1_VALUE *pval, const ASN1_ITEM it)
39	48.5k	{
40	48.5k	OPENSSL_free(*pval);
41	48.5k	*pval = NULL;
42	48.5k	}
43
44		static void uint64_clear(ASN1_VALUE *pval, const ASN1_ITEM it)
45	79.4k	{
46	79.4k	(uint64_t )pval = 0;
47	79.4k	}
48
49		static int uint64_i2c(const ASN1_VALUE *pval, unsigned char cont, int *putype,
50		const ASN1_ITEM *it)
51	7.97k	{
52	7.97k	uint64_t utmp;
53	7.97k	int neg = 0;
54		/* this exists to bypass broken gcc optimization */
55	7.97k	char cp = (char )*pval;
56
57		/* use memcpy, because we may not be uint64_t aligned */
58	7.97k	memcpy(&utmp, cp, sizeof(utmp));
59
60	7.97k	if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT
61	7.97k	&& utmp == 0)
62	1.82k	return -1;
63	6.15k	if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
64	6.15k	&& (int64_t)utmp < 0) {
65		/* ossl_i2c_uint64_int() assumes positive values */
66	1.14k	utmp = 0 - utmp;
67	1.14k	neg = 1;
68	1.14k	}
69
70	6.15k	return ossl_i2c_uint64_int(cont, utmp, neg);
71	7.97k	}
72
73		static int uint64_c2i(ASN1_VALUE *pval, const unsigned char cont, int len,
74		int utype, char free_cont, const ASN1_ITEM it)
75	2.24k	{
76	2.24k	uint64_t utmp = 0;
77	2.24k	char *cp;
78	2.24k	int neg = 0;
79
80	2.24k	if (*pval == NULL && !uint64_new(pval, it))
81	0	return 0;
82
83	2.24k	cp = (char )pval;
84
85		/*
86		* Strictly speaking, zero length is malformed. However, long_c2i
87		* (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
88		* so for the sake of backward compatibility, we still decode zero
89		* length INTEGERs as the number zero.
90		*/
91	2.24k	if (len == 0)
92	5	goto long_compat;
93
94	2.24k	if (!ossl_c2i_uint64_int(&utmp, &neg, &cont, len))
95	405	return 0;
96	1.83k	if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
97	349	ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
98	349	return 0;
99	349	}
100	1.48k	if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
101	1.48k	&& !neg && utmp > INT64_MAX) {
102	129	ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE);
103	129	return 0;
104	129	}
105	1.35k	if (neg)
106		/* ossl_c2i_uint64_int() returns positive values */
107	465	utmp = 0 - utmp;
108
109	1.36k	long_compat:
110	1.36k	memcpy(cp, &utmp, sizeof(utmp));
111	1.36k	return 1;
112	1.35k	}
113
114		static int uint64_print(BIO out, const ASN1_VALUE pval, const ASN1_ITEM it,
115		int indent, const ASN1_PCTX *pctx)
116	1.18k	{
117	1.18k	if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
118	702	return BIO_printf(out, "%jd\n", (int64_t )pval);
119	482	return BIO_printf(out, "%ju\n", (uint64_t )pval);
120	1.18k	}
121
122		/* 32-bit variants */
123
124		static int uint32_new(ASN1_VALUE *pval, const ASN1_ITEM it)
125	0	{
126	0	if ((pval = (ASN1_VALUE )OPENSSL_zalloc(sizeof(uint32_t))) == NULL) {
127	0	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
128	0	return 0;
129	0	}
130	0	return 1;
131	0	}
132
133		static void uint32_free(ASN1_VALUE *pval, const ASN1_ITEM it)
134	48.5k	{
135	48.5k	OPENSSL_free(*pval);
136	48.5k	*pval = NULL;
137	48.5k	}
138
139		static void uint32_clear(ASN1_VALUE *pval, const ASN1_ITEM it)
140	333k	{
141	333k	(uint32_t )pval = 0;
142	333k	}
143
144		static int uint32_i2c(const ASN1_VALUE *pval, unsigned char cont, int *putype,
145		const ASN1_ITEM *it)
146	40.2k	{
147	40.2k	uint32_t utmp;
148	40.2k	int neg = 0;
149		/* this exists to bypass broken gcc optimization */
150	40.2k	char cp = (char )*pval;
151
152		/* use memcpy, because we may not be uint32_t aligned */
153	40.2k	memcpy(&utmp, cp, sizeof(utmp));
154
155	40.2k	if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT
156	40.2k	&& utmp == 0)
157	3.66k	return -1;
158	36.5k	if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
159	36.5k	&& (int32_t)utmp < 0) {
160		/* ossl_i2c_uint64_int() assumes positive values */
161	10.8k	utmp = 0 - utmp;
162	10.8k	neg = 1;
163	10.8k	}
164
165	36.5k	return ossl_i2c_uint64_int(cont, (uint64_t)utmp, neg);
166	40.2k	}
167
168		/*
169		* Absolute value of INT32_MIN: we can't just use -INT32_MIN as it produces
170		* overflow warnings.
171		*/
172
173	20.7k	#define ABS_INT32_MIN ((uint32_t)INT32_MAX + 1)
174
175		static int uint32_c2i(ASN1_VALUE *pval, const unsigned char cont, int len,
176		int utype, char free_cont, const ASN1_ITEM it)
177	95.2k	{
178	95.2k	uint64_t utmp = 0;
179	95.2k	uint32_t utmp2 = 0;
180	95.2k	char *cp;
181	95.2k	int neg = 0;
182
183	95.2k	if (*pval == NULL && !uint64_new(pval, it))
184	0	return 0;
185
186	95.2k	cp = (char )pval;
187
188		/*
189		* Strictly speaking, zero length is malformed. However, long_c2i
190		* (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
191		* so for the sake of backward compatibility, we still decode zero
192		* length INTEGERs as the number zero.
193		*/
194	95.2k	if (len == 0)
195	4.03k	goto long_compat;
196
197	91.1k	if (!ossl_c2i_uint64_int(&utmp, &neg, &cont, len))
198	1.46k	return 0;
199	89.7k	if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
200	1.23k	ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
201	1.23k	return 0;
202	1.23k	}
203	88.4k	if (neg) {
204	20.7k	if (utmp > ABS_INT32_MIN) {
205	3.15k	ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_SMALL);
206	3.15k	return 0;
207	3.15k	}
208	17.5k	utmp = 0 - utmp;
209	67.7k	} else {
210	67.7k	if (((it->size & INTxx_FLAG_SIGNED) != 0 && utmp > INT32_MAX)
211	67.7k	\|\| ((it->size & INTxx_FLAG_SIGNED) == 0 && utmp > UINT32_MAX)) {
212	3.96k	ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LARGE);
213	3.96k	return 0;
214	3.96k	}
215	67.7k	}
216
217	85.4k	long_compat:
218	85.4k	utmp2 = (uint32_t)utmp;
219	85.4k	memcpy(cp, &utmp2, sizeof(utmp2));
220	85.4k	return 1;
221	88.4k	}
222
223		static int uint32_print(BIO out, const ASN1_VALUE pval, const ASN1_ITEM it,
224		int indent, const ASN1_PCTX *pctx)
225	3.12k	{
226	3.12k	if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
227	2.92k	return BIO_printf(out, "%d\n", (int32_t )pval);
228	208	return BIO_printf(out, "%u\n", (uint32_t )pval);
229	3.12k	}
230
231
232		/* Define the primitives themselves */
233
234		static ASN1_PRIMITIVE_FUNCS uint32_pf = {
235		NULL, 0,
236		uint32_new,
237		uint32_free,
238		uint32_clear,
239		uint32_c2i,
240		uint32_i2c,
241		uint32_print
242		};
243
244		static ASN1_PRIMITIVE_FUNCS uint64_pf = {
245		NULL, 0,
246		uint64_new,
247		uint64_free,
248		uint64_clear,
249		uint64_c2i,
250		uint64_i2c,
251		uint64_print
252		};
253
254	441k	ASN1_ITEM_start(INT32)
255	441k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
256	441k	INTxx_FLAG_SIGNED, "INT32"
257	441k	ASN1_ITEM_end(INT32)
258
259	73.0k	ASN1_ITEM_start(UINT32)
260	73.0k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf, 0, "UINT32"
261	73.0k	ASN1_ITEM_end(UINT32)
262
263	12.1k	ASN1_ITEM_start(INT64)
264	12.1k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
265	12.1k	INTxx_FLAG_SIGNED, "INT64"
266	12.1k	ASN1_ITEM_end(INT64)
267
268	12.1k	ASN1_ITEM_start(UINT64)
269	12.1k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf, 0, "UINT64"
270	12.1k	ASN1_ITEM_end(UINT64)
271
272	49.4k	ASN1_ITEM_start(ZINT32)
273	49.4k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
274	49.4k	INTxx_FLAG_ZERO_DEFAULT\|INTxx_FLAG_SIGNED, "ZINT32"
275	49.4k	ASN1_ITEM_end(ZINT32)
276
277	103k	ASN1_ITEM_start(ZUINT32)
278	103k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
279	103k	INTxx_FLAG_ZERO_DEFAULT, "ZUINT32"
280	103k	ASN1_ITEM_end(ZUINT32)
281
282	73.6k	ASN1_ITEM_start(ZINT64)
283	73.6k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
284	73.6k	INTxx_FLAG_ZERO_DEFAULT\|INTxx_FLAG_SIGNED, "ZINT64"
285	73.6k	ASN1_ITEM_end(ZINT64)
286
287	73.1k	ASN1_ITEM_start(ZUINT64)
288	73.1k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
289	73.1k	INTxx_FLAG_ZERO_DEFAULT, "ZUINT64"
290	73.1k	ASN1_ITEM_end(ZUINT64)
291