/src/openssl30/crypto/asn1/x_long.c

Source (jump to first uncovered line)
/*
 * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>

#define COPY_SIZE(a, b) (sizeof(a) < sizeof(b) ? sizeof(a) : sizeof(b))

/*
 * Custom primitive type for long handling. This converts between an
 * ASN1_INTEGER and a long directly.
 */

static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);

static int long_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
                    const ASN1_ITEM *it);
static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
                    int utype, char *free_cont, const ASN1_ITEM *it);
static int long_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
                      int indent, const ASN1_PCTX *pctx);

static ASN1_PRIMITIVE_FUNCS long_pf = {
    NULL, 0,
    long_new,
    long_free,
    long_free,                  /* Clear should set to initial value */
    long_c2i,
    long_i2c,
    long_print
};

ASN1_ITEM_start(LONG)
        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
ASN1_ITEM_end(LONG)

ASN1_ITEM_start(ZLONG)
        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
ASN1_ITEM_end(ZLONG)

static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    memcpy(pval, &it->size, COPY_SIZE(*pval, it->size));
    return 1;
}

static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
    memcpy(pval, &it->size, COPY_SIZE(*pval, it->size));
}

/*
 * Originally BN_num_bits_word was called to perform this operation, but
 * trouble is that there is no guarantee that sizeof(long) equals to
 * sizeof(BN_ULONG). BN_ULONG is a configurable type that can be as wide
 * as long, but also double or half...
 */
static int num_bits_ulong(unsigned long value)
{
    size_t i;
    unsigned long ret = 0;

    /*
     * It is argued that *on average* constant counter loop performs
     * not worse [if not better] than one with conditional break or
     * mask-n-table-lookup-style, because of branch misprediction
     * penalties.
     */
    for (i = 0; i < sizeof(value) * 8; i++) {
        ret += (value != 0);
        value >>= 1;
    }

    return (int)ret;
}

static int long_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
                    const ASN1_ITEM *it)
{
    long ltmp;
    unsigned long utmp, sign;
    int clen, pad, i;

    memcpy(&ltmp, pval, COPY_SIZE(*pval, ltmp));
    if (ltmp == it->size)
        return -1;
    /*
     * Convert the long to positive: we subtract one if negative so we can
     * cleanly handle the padding if only the MSB of the leading octet is
     * set.
     */
    if (ltmp < 0) {
        sign = 0xff;
        utmp = 0 - (unsigned long)ltmp - 1;
    } else {
        sign = 0;
        utmp = ltmp;
    }
    clen = num_bits_ulong(utmp);
    /* If MSB of leading octet set we need to pad */
    if (!(clen & 0x7))
        pad = 1;
    else
        pad = 0;

    /* Convert number of bits to number of octets */
    clen = (clen + 7) >> 3;

    if (cont != NULL) {
        if (pad)
            *cont++ = (unsigned char)sign;
        for (i = clen - 1; i >= 0; i--) {
            cont[i] = (unsigned char)(utmp ^ sign);
            utmp >>= 8;
        }
    }
    return clen + pad;
}

static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
                    int utype, char *free_cont, const ASN1_ITEM *it)
{
    int i;
    long ltmp;
    unsigned long utmp = 0, sign = 0x100;

    if (len > 1) {
        /*
         * Check possible pad byte.  Worst case, we're skipping past actual
         * content, but since that's only with 0x00 and 0xff and we set neg
         * accordingly, the result will be correct in the end anyway.
         */
        switch (cont[0]) {
        case 0xff:
            cont++;
            len--;
            sign = 0xff;
            break;
        case 0:
            cont++;
            len--;
            sign = 0;
            break;
        }
    }
    if (len > (int)sizeof(long)) {
        ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
        return 0;
    }

    if (sign == 0x100) {
        /* Is it negative? */
        if (len && (cont[0] & 0x80))
            sign = 0xff;
        else
            sign = 0;
    } else if (((sign ^ cont[0]) & 0x80) == 0) { /* same sign bit? */
        ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_PADDING);
        return 0;
    }
    utmp = 0;
    for (i = 0; i < len; i++) {
        utmp <<= 8;
        utmp |= cont[i] ^ sign;
    }
    ltmp = (long)utmp;
    if (ltmp < 0) {
        ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
        return 0;
    }
    if (sign)
        ltmp = -ltmp - 1;
    if (ltmp == it->size) {
        ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
        return 0;
    }
    memcpy(pval, &ltmp, COPY_SIZE(*pval, ltmp));
    return 1;
}

static int long_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
                      int indent, const ASN1_PCTX *pctx)
{
    long l;

    memcpy(&l, pval, COPY_SIZE(*pval, l));
    return BIO_printf(out, "%ld\n", l);
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "internal/cryptlib.h"
12		#include <openssl/asn1t.h>
13
14	117k	#define COPY_SIZE(a, b) (sizeof(a) < sizeof(b) ? sizeof(a) : sizeof(b))
15
16		/*
17		* Custom primitive type for long handling. This converts between an
18		* ASN1_INTEGER and a long directly.
19		*/
20
21		static int long_new(ASN1_VALUE *pval, const ASN1_ITEM it);
22		static void long_free(ASN1_VALUE *pval, const ASN1_ITEM it);
23
24		static int long_i2c(const ASN1_VALUE *pval, unsigned char cont, int *putype,
25		const ASN1_ITEM *it);
26		static int long_c2i(ASN1_VALUE *pval, const unsigned char cont, int len,
27		int utype, char free_cont, const ASN1_ITEM it);
28		static int long_print(BIO out, const ASN1_VALUE pval, const ASN1_ITEM it,
29		int indent, const ASN1_PCTX *pctx);
30
31		static ASN1_PRIMITIVE_FUNCS long_pf = {
32		NULL, 0,
33		long_new,
34		long_free,
35		long_free, /* Clear should set to initial value */
36		long_c2i,
37		long_i2c,
38		long_print
39		};
40
41	52.9k	ASN1_ITEM_start(LONG)
42	52.9k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
43	52.9k	ASN1_ITEM_end(LONG)
44
45	52.9k	ASN1_ITEM_start(ZLONG)
46	52.9k	ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
47	52.9k	ASN1_ITEM_end(ZLONG)
48
49		static int long_new(ASN1_VALUE *pval, const ASN1_ITEM it)
50	0	{
51	0	memcpy(pval, &it->size, COPY_SIZE(*pval, it->size));
52	0	return 1;
53	0	}
54
55		static void long_free(ASN1_VALUE *pval, const ASN1_ITEM it)
56	105k	{
57	105k	memcpy(pval, &it->size, COPY_SIZE(*pval, it->size));
58	105k	}
59
60		/*
61		* Originally BN_num_bits_word was called to perform this operation, but
62		* trouble is that there is no guarantee that sizeof(long) equals to
63		* sizeof(BN_ULONG). BN_ULONG is a configurable type that can be as wide
64		* as long, but also double or half...
65		*/
66		static int num_bits_ulong(unsigned long value)
67	6.85k	{
68	6.85k	size_t i;
69	6.85k	unsigned long ret = 0;
70
71		/*
72		* It is argued that on average constant counter loop performs
73		* not worse [if not better] than one with conditional break or
74		* mask-n-table-lookup-style, because of branch misprediction
75		* penalties.
76		*/
77	445k	for (i = 0; i < sizeof(value) * 8; i++) {
78	438k	ret += (value != 0);
79	438k	value >>= 1;
80	438k	}
81
82	6.85k	return (int)ret;
83	6.85k	}
84
85		static int long_i2c(const ASN1_VALUE *pval, unsigned char cont, int *putype,
86		const ASN1_ITEM *it)
87	6.85k	{
88	6.85k	long ltmp;
89	6.85k	unsigned long utmp, sign;
90	6.85k	int clen, pad, i;
91
92	6.85k	memcpy(&ltmp, pval, COPY_SIZE(*pval, ltmp));
93	6.85k	if (ltmp == it->size)
94	0	return -1;
95		/*
96		* Convert the long to positive: we subtract one if negative so we can
97		* cleanly handle the padding if only the MSB of the leading octet is
98		* set.
99		*/
100	6.85k	if (ltmp < 0) {
101	2.80k	sign = 0xff;
102	2.80k	utmp = 0 - (unsigned long)ltmp - 1;
103	4.05k	} else {
104	4.05k	sign = 0;
105	4.05k	utmp = ltmp;
106	4.05k	}
107	6.85k	clen = num_bits_ulong(utmp);
108		/* If MSB of leading octet set we need to pad */
109	6.85k	if (!(clen & 0x7))
110	1.11k	pad = 1;
111	5.74k	else
112	5.74k	pad = 0;
113
114		/* Convert number of bits to number of octets */
115	6.85k	clen = (clen + 7) >> 3;
116
117	6.85k	if (cont != NULL) {
118	2.28k	if (pad)
119	370	*cont++ = (unsigned char)sign;
120	12.5k	for (i = clen - 1; i >= 0; i--) {
121	10.3k	cont[i] = (unsigned char)(utmp ^ sign);
122	10.3k	utmp >>= 8;
123	10.3k	}
124	2.28k	}
125	6.85k	return clen + pad;
126	6.85k	}
127
128		static int long_c2i(ASN1_VALUE *pval, const unsigned char cont, int len,
129		int utype, char free_cont, const ASN1_ITEM it)
130	3.99k	{
131	3.99k	int i;
132	3.99k	long ltmp;
133	3.99k	unsigned long utmp = 0, sign = 0x100;
134
135	3.99k	if (len > 1) {
136		/*
137		* Check possible pad byte. Worst case, we're skipping past actual
138		* content, but since that's only with 0x00 and 0xff and we set neg
139		* accordingly, the result will be correct in the end anyway.
140		*/
141	3.78k	switch (cont[0]) {
142	964	case 0xff:
143	964	cont++;
144	964	len--;
145	964	sign = 0xff;
146	964	break;
147	788	case 0:
148	788	cont++;
149	788	len--;
150	788	sign = 0;
151	788	break;
152	3.78k	}
153	3.78k	}
154	3.99k	if (len > (int)sizeof(long)) {
155	388	ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
156	388	return 0;
157	388	}
158
159	3.60k	if (sign == 0x100) {
160		/* Is it negative? */
161	1.94k	if (len && (cont[0] & 0x80))
162	830	sign = 0xff;
163	1.11k	else
164	1.11k	sign = 0;
165	1.94k	} else if (((sign ^ cont[0]) & 0x80) == 0) { /* same sign bit? */
166	666	ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_PADDING);
167	666	return 0;
168	666	}
169	2.94k	utmp = 0;
170	18.3k	for (i = 0; i < len; i++) {
171	15.3k	utmp <<= 8;
172	15.3k	utmp \|= cont[i] ^ sign;
173	15.3k	}
174	2.94k	ltmp = (long)utmp;
175	2.94k	if (ltmp < 0) {
176	632	ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
177	632	return 0;
178	632	}
179	2.31k	if (sign)
180	934	ltmp = -ltmp - 1;
181	2.31k	if (ltmp == it->size) {
182	15	ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
183	15	return 0;
184	15	}
185	2.29k	memcpy(pval, &ltmp, COPY_SIZE(*pval, ltmp));
186	2.29k	return 1;
187	2.31k	}
188
189		static int long_print(BIO out, const ASN1_VALUE pval, const ASN1_ITEM it,
190		int indent, const ASN1_PCTX *pctx)
191	2.28k	{
192	2.28k	long l;
193
194	2.28k	memcpy(&l, pval, COPY_SIZE(*pval, l));
195	2.28k	return BIO_printf(out, "%ld\n", l);
196	2.28k	}

Coverage Report

Created: 2025-06-13 06:58