/src/openssl33/crypto/packet.c

Source
/*
 * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "internal/cryptlib.h"
#include "internal/packet.h"
#if !defined OPENSSL_NO_QUIC && !defined FIPS_MODULE
#include "internal/packet_quic.h"
#endif
#include <openssl/err.h>

#define DEFAULT_BUF_SIZE 256

int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
{
    if (!WPACKET_reserve_bytes(pkt, len, allocbytes))
        return 0;

    pkt->written += len;
    pkt->curr += len;
    return 1;
}

int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
    unsigned char **allocbytes, size_t lenbytes)
{
    if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
        || !WPACKET_allocate_bytes(pkt, len, allocbytes)
        || !WPACKET_close(pkt))
        return 0;

    return 1;
}

#define GETBUF(p) (((p)->staticbuf != NULL)         \
        ? (p)->staticbuf                            \
        : ((p)->buf != NULL                         \
                  ? (unsigned char *)(p)->buf->data \
                  : NULL))

int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
{
    /* Internal API, so should not fail */
    if (!ossl_assert(pkt->subs != NULL && len != 0))
        return 0;

    if (pkt->maxsize - pkt->written < len)
        return 0;

    if (pkt->buf != NULL && (pkt->buf->length - pkt->written < len)) {
        size_t newlen;
        size_t reflen;

        reflen = (len > pkt->buf->length) ? len : pkt->buf->length;

        if (reflen > SIZE_MAX / 2) {
            newlen = SIZE_MAX;
        } else {
            newlen = reflen * 2;
            if (newlen < DEFAULT_BUF_SIZE)
                newlen = DEFAULT_BUF_SIZE;
        }
        if (BUF_MEM_grow(pkt->buf, newlen) == 0)
            return 0;
    }
    if (allocbytes != NULL) {
        *allocbytes = WPACKET_get_curr(pkt);
        if (pkt->endfirst && *allocbytes != NULL)
            *allocbytes -= len;
    }

    return 1;
}

int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len,
    unsigned char **allocbytes, size_t lenbytes)
{
    if (pkt->endfirst && lenbytes > 0)
        return 0;

    if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes))
        return 0;

    if (*allocbytes != NULL)
        *allocbytes += lenbytes;

    return 1;
}

static size_t maxmaxsize(size_t lenbytes)
{
    if (lenbytes >= sizeof(size_t) || lenbytes == 0)
        return SIZE_MAX;

    return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes;
}

static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes)
{
    unsigned char *lenchars;

    pkt->curr = 0;
    pkt->written = 0;

    if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL)
        return 0;

    if (lenbytes == 0)
        return 1;

    pkt->subs->pwritten = lenbytes;
    pkt->subs->lenbytes = lenbytes;

    if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) {
        OPENSSL_free(pkt->subs);
        pkt->subs = NULL;
        return 0;
    }
    pkt->subs->packet_len = 0;

    return 1;
}

int WPACKET_init_static_len(WPACKET *pkt, unsigned char *buf, size_t len,
    size_t lenbytes)
{
    size_t max = maxmaxsize(lenbytes);

    /* Internal API, so should not fail */
    if (!ossl_assert(buf != NULL && len > 0))
        return 0;

    pkt->staticbuf = buf;
    pkt->buf = NULL;
    pkt->maxsize = (max < len) ? max : len;
    pkt->endfirst = 0;

    return wpacket_intern_init_len(pkt, lenbytes);
}

int WPACKET_init_der(WPACKET *pkt, unsigned char *buf, size_t len)
{
    /* Internal API, so should not fail */
    if (!ossl_assert(buf != NULL && len > 0))
        return 0;

    pkt->staticbuf = buf;
    pkt->buf = NULL;
    pkt->maxsize = len;
    pkt->endfirst = 1;

    return wpacket_intern_init_len(pkt, 0);
}

int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
{
    /* Internal API, so should not fail */
    if (!ossl_assert(buf != NULL))
        return 0;

    pkt->staticbuf = NULL;
    pkt->buf = buf;
    pkt->maxsize = maxmaxsize(lenbytes);
    pkt->endfirst = 0;

    return wpacket_intern_init_len(pkt, lenbytes);
}

int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
{
    return WPACKET_init_len(pkt, buf, 0);
}

int WPACKET_init_null(WPACKET *pkt, size_t lenbytes)
{
    pkt->staticbuf = NULL;
    pkt->buf = NULL;
    pkt->maxsize = maxmaxsize(lenbytes);
    pkt->endfirst = 0;

    return wpacket_intern_init_len(pkt, 0);
}

int WPACKET_init_null_der(WPACKET *pkt)
{
    pkt->staticbuf = NULL;
    pkt->buf = NULL;
    pkt->maxsize = SIZE_MAX;
    pkt->endfirst = 1;

    return wpacket_intern_init_len(pkt, 0);
}

int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
{
    /* Internal API, so should not fail */
    if (!ossl_assert(pkt->subs != NULL))
        return 0;

    pkt->subs->flags = flags;

    return 1;
}

/* Store the |value| of length |len| at location |data| */
static int put_value(unsigned char *data, uint64_t value, size_t len)
{
    if (data == NULL)
        return 1;

    for (data += len - 1; len > 0; len--) {
        *data = (unsigned char)(value & 0xff);
        data--;
        value >>= 8;
    }

    /* Check whether we could fit the value in the assigned number of bytes */
    if (value > 0)
        return 0;

    return 1;
}

#if !defined OPENSSL_NO_QUIC && !defined FIPS_MODULE
static int put_quic_value(unsigned char *data, size_t value, size_t len)
{
    if (data == NULL)
        return 1;

    /* Value too large for field. */
    if (ossl_quic_vlint_encode_len(value) > len)
        return 0;

    ossl_quic_vlint_encode_n(data, value, len);
    return 1;
}
#endif

/*
 * Internal helper function used by WPACKET_close(), WPACKET_finish() and
 * WPACKET_fill_lengths() to close a sub-packet and write out its length if
 * necessary. If |doclose| is 0 then it goes through the motions of closing
 * (i.e. it fills in all the lengths), but doesn't actually close anything.
 */
static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
{
    size_t packlen = pkt->written - sub->pwritten;

    if (packlen == 0
        && (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0)
        return 0;

    if (packlen == 0
        && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
        /* We can't handle this case. Return an error */
        if (!doclose)
            return 0;

        /* Deallocate any bytes allocated for the length of the WPACKET */
        if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
            pkt->written -= sub->lenbytes;
            pkt->curr -= sub->lenbytes;
        }

        /* Don't write out the packet length */
        sub->packet_len = 0;
        sub->lenbytes = 0;
    }

    /* Write out the WPACKET length if needed */
    if (sub->lenbytes > 0) {
        unsigned char *buf = GETBUF(pkt);

        if (buf != NULL) {
#if !defined OPENSSL_NO_QUIC && !defined FIPS_MODULE
            if ((sub->flags & WPACKET_FLAGS_QUIC_VLINT) == 0) {
                if (!put_value(&buf[sub->packet_len], packlen, sub->lenbytes))
                    return 0;
            } else {
                if (!put_quic_value(&buf[sub->packet_len], packlen, sub->lenbytes))
                    return 0;
            }
#else
            if (!put_value(&buf[sub->packet_len], packlen, sub->lenbytes))
                return 0;
#endif
        }
    } else if (pkt->endfirst && sub->parent != NULL
        && (packlen != 0
            || (sub->flags
                   & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH)
                == 0)) {
        size_t tmplen = packlen;
        size_t numlenbytes = 1;

        while ((tmplen = tmplen >> 8) > 0)
            numlenbytes++;
        if (!WPACKET_put_bytes__(pkt, packlen, numlenbytes))
            return 0;
        if (packlen > 0x7f) {
            numlenbytes |= 0x80;
            if (!WPACKET_put_bytes_u8(pkt, numlenbytes))
                return 0;
        }
    }

    if (doclose) {
        pkt->subs = sub->parent;
        OPENSSL_free(sub);
    }

    return 1;
}

int WPACKET_fill_lengths(WPACKET *pkt)
{
    WPACKET_SUB *sub;

    if (!ossl_assert(pkt->subs != NULL))
        return 0;

    for (sub = pkt->subs; sub != NULL; sub = sub->parent) {
        if (!wpacket_intern_close(pkt, sub, 0))
            return 0;
    }

    return 1;
}

int WPACKET_close(WPACKET *pkt)
{
    /*
     * Internal API, so should not fail - but we do negative testing of this
     * so no assert (otherwise the tests fail)
     */
    if (pkt->subs == NULL || pkt->subs->parent == NULL)
        return 0;

    return wpacket_intern_close(pkt, pkt->subs, 1);
}

int WPACKET_finish(WPACKET *pkt)
{
    int ret;

    /*
     * Internal API, so should not fail - but we do negative testing of this
     * so no assert (otherwise the tests fail)
     */
    if (pkt->subs == NULL || pkt->subs->parent != NULL)
        return 0;

    ret = wpacket_intern_close(pkt, pkt->subs, 1);
    if (ret) {
        OPENSSL_free(pkt->subs);
        pkt->subs = NULL;
    }

    return ret;
}

int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes)
{
    WPACKET_SUB *sub;
    unsigned char *lenchars;

    /* Internal API, so should not fail */
    if (!ossl_assert(pkt->subs != NULL))
        return 0;

    /* We don't support lenbytes greater than 0 when doing endfirst writing */
    if (lenbytes > 0 && pkt->endfirst)
        return 0;

    if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL)
        return 0;

    sub->parent = pkt->subs;
    pkt->subs = sub;
    sub->pwritten = pkt->written + lenbytes;
    sub->lenbytes = lenbytes;

    if (lenbytes == 0) {
        sub->packet_len = 0;
        return 1;
    }

    sub->packet_len = pkt->written;

    if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars))
        return 0;

    return 1;
}

int WPACKET_start_sub_packet(WPACKET *pkt)
{
    return WPACKET_start_sub_packet_len__(pkt, 0);
}

int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
{
    unsigned char *data;

    /* Internal API, so should not fail */
    if (!ossl_assert(size <= sizeof(uint64_t))
        || !WPACKET_allocate_bytes(pkt, size, &data)
        || !put_value(data, val, size))
        return 0;

    return 1;
}

int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
{
    WPACKET_SUB *sub;
    size_t lenbytes;

    /* Internal API, so should not fail */
    if (!ossl_assert(pkt->subs != NULL))
        return 0;

    /* Find the WPACKET_SUB for the top level */
    for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent)
        continue;

    lenbytes = sub->lenbytes;
    if (lenbytes == 0)
        lenbytes = sizeof(pkt->maxsize);

    if (maxmaxsize(lenbytes) < maxsize || maxsize < pkt->written)
        return 0;

    pkt->maxsize = maxsize;

    return 1;
}

int WPACKET_memset(WPACKET *pkt, int ch, size_t len)
{
    unsigned char *dest;

    if (len == 0)
        return 1;

    if (!WPACKET_allocate_bytes(pkt, len, &dest))
        return 0;

    if (dest != NULL)
        memset(dest, ch, len);

    return 1;
}

int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
{
    unsigned char *dest;

    if (len == 0)
        return 1;

    if (!WPACKET_allocate_bytes(pkt, len, &dest))
        return 0;

    if (dest != NULL)
        memcpy(dest, src, len);

    return 1;
}

int WPACKET_sub_memcpy__(WPACKET *pkt, const void *src, size_t len,
    size_t lenbytes)
{
    if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
        || !WPACKET_memcpy(pkt, src, len)
        || !WPACKET_close(pkt))
        return 0;

    return 1;
}

int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
{
    /* Internal API, so should not fail */
    if (!ossl_assert(written != NULL))
        return 0;

    *written = pkt->written;

    return 1;
}

int WPACKET_get_length(WPACKET *pkt, size_t *len)
{
    /* Internal API, so should not fail */
    if (!ossl_assert(pkt->subs != NULL && len != NULL))
        return 0;

    *len = pkt->written - pkt->subs->pwritten;

    return 1;
}

unsigned char *WPACKET_get_curr(WPACKET *pkt)
{
    unsigned char *buf = GETBUF(pkt);

    if (buf == NULL)
        return NULL;

    if (pkt->endfirst)
        return buf + pkt->maxsize - pkt->curr;

    return buf + pkt->curr;
}

int WPACKET_is_null_buf(WPACKET *pkt)
{
    return pkt->buf == NULL && pkt->staticbuf == NULL;
}

void WPACKET_cleanup(WPACKET *pkt)
{
    WPACKET_SUB *sub, *parent;

    for (sub = pkt->subs; sub != NULL; sub = parent) {
        parent = sub->parent;
        OPENSSL_free(sub);
    }
    pkt->subs = NULL;
}

#if !defined OPENSSL_NO_QUIC && !defined FIPS_MODULE

int WPACKET_start_quic_sub_packet_bound(WPACKET *pkt, size_t max_len)
{
    size_t enclen = ossl_quic_vlint_encode_len(max_len);

    if (enclen == 0)
        return 0;

    if (WPACKET_start_sub_packet_len__(pkt, enclen) == 0)
        return 0;

    pkt->subs->flags |= WPACKET_FLAGS_QUIC_VLINT;
    return 1;
}

int WPACKET_start_quic_sub_packet(WPACKET *pkt)
{
    /*
     * Assume no (sub)packet will exceed 4GiB, thus the 8-byte encoding need not
     * be used.
     */
    return WPACKET_start_quic_sub_packet_bound(pkt, OSSL_QUIC_VLINT_4B_MIN);
}

int WPACKET_quic_sub_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
{
    if (!WPACKET_start_quic_sub_packet_bound(pkt, len)
        || !WPACKET_allocate_bytes(pkt, len, allocbytes)
        || !WPACKET_close(pkt))
        return 0;

    return 1;
}

/*
 * Write a QUIC variable-length integer to the packet.
 */
int WPACKET_quic_write_vlint(WPACKET *pkt, uint64_t v)
{
    unsigned char *b = NULL;
    size_t enclen = ossl_quic_vlint_encode_len(v);

    if (enclen == 0)
        return 0;

    if (WPACKET_allocate_bytes(pkt, enclen, &b) == 0)
        return 0;

    ossl_quic_vlint_encode(b, v);
    return 1;
}

#endif

Coverage Report

Created: 2025-12-31 06:58

Line	Count	Source
1		/*
2		* Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include "internal/cryptlib.h"
11		#include "internal/packet.h"
12		#if !defined OPENSSL_NO_QUIC && !defined FIPS_MODULE
13		#include "internal/packet_quic.h"
14		#endif
15		#include <openssl/err.h>
16
17	207k	#define DEFAULT_BUF_SIZE 256
18
19		int WPACKET_allocate_bytes(WPACKET pkt, size_t len, unsigned char *allocbytes)
20	170M	{
21	170M	if (!WPACKET_reserve_bytes(pkt, len, allocbytes))
22	94.5k	return 0;
23
24	169M	pkt->written += len;
25	169M	pkt->curr += len;
26	169M	return 1;
27	170M	}
28
29		int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
30		unsigned char **allocbytes, size_t lenbytes)
31	36.5k	{
32	36.5k	if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
33	36.5k	\|\| !WPACKET_allocate_bytes(pkt, len, allocbytes)
34	36.5k	\|\| !WPACKET_close(pkt))
35	0	return 0;
36
37	36.5k	return 1;
38	36.5k	}
39
40	180M	#define GETBUF(p) (((p)->staticbuf != NULL) \
41	180M	? (p)->staticbuf \
42	180M	: ((p)->buf != NULL \
43	25.5M	? (unsigned char *)(p)->buf->data \
44	25.5M	: NULL))
45
46		int WPACKET_reserve_bytes(WPACKET pkt, size_t len, unsigned char *allocbytes)
47	172M	{
48		/* Internal API, so should not fail */
49	172M	if (!ossl_assert(pkt->subs != NULL && len != 0))
50	0	return 0;
51
52	172M	if (pkt->maxsize - pkt->written < len)
53	94.5k	return 0;
54
55	172M	if (pkt->buf != NULL && (pkt->buf->length - pkt->written < len)) {
56	119k	size_t newlen;
57	119k	size_t reflen;
58
59	119k	reflen = (len > pkt->buf->length) ? len : pkt->buf->length;
60
61	119k	if (reflen > SIZE_MAX / 2) {
62	0	newlen = SIZE_MAX;
63	119k	} else {
64	119k	newlen = reflen * 2;
65	119k	if (newlen < DEFAULT_BUF_SIZE)
66	87.8k	newlen = DEFAULT_BUF_SIZE;
67	119k	}
68	119k	if (BUF_MEM_grow(pkt->buf, newlen) == 0)
69	0	return 0;
70	119k	}
71	172M	if (allocbytes != NULL) {
72	169M	*allocbytes = WPACKET_get_curr(pkt);
73	169M	if (pkt->endfirst && *allocbytes != NULL)
74	80.2k	*allocbytes -= len;
75	169M	}
76
77	172M	return 1;
78	172M	}
79
80		int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len,
81		unsigned char **allocbytes, size_t lenbytes)
82	9.73k	{
83	9.73k	if (pkt->endfirst && lenbytes > 0)
84	0	return 0;
85
86	9.73k	if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes))
87	0	return 0;
88
89	9.73k	if (*allocbytes != NULL)
90	9.73k	*allocbytes += lenbytes;
91
92	9.73k	return 1;
93	9.73k	}
94
95		static size_t maxmaxsize(size_t lenbytes)
96	26.6M	{
97	26.6M	if (lenbytes >= sizeof(size_t) \|\| lenbytes == 0)
98	26.6M	return SIZE_MAX;
99
100	0	return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes;
101	26.6M	}
102
103		static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes)
104	16.7M	{
105	16.7M	unsigned char *lenchars;
106
107	16.7M	pkt->curr = 0;
108	16.7M	pkt->written = 0;
109
110	16.7M	if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL)
111	0	return 0;
112
113	16.7M	if (lenbytes == 0)
114	16.7M	return 1;
115
116	0	pkt->subs->pwritten = lenbytes;
117	0	pkt->subs->lenbytes = lenbytes;
118
119	0	if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) {
120	0	OPENSSL_free(pkt->subs);
121	0	pkt->subs = NULL;
122	0	return 0;
123	0	}
124	0	pkt->subs->packet_len = 0;
125
126	0	return 1;
127	0	}
128
129		int WPACKET_init_static_len(WPACKET pkt, unsigned char buf, size_t len,
130		size_t lenbytes)
131	15.8M	{
132	15.8M	size_t max = maxmaxsize(lenbytes);
133
134		/* Internal API, so should not fail */
135	15.8M	if (!ossl_assert(buf != NULL && len > 0))
136	0	return 0;
137
138	15.8M	pkt->staticbuf = buf;
139	15.8M	pkt->buf = NULL;
140	15.8M	pkt->maxsize = (max < len) ? max : len;
141	15.8M	pkt->endfirst = 0;
142
143	15.8M	return wpacket_intern_init_len(pkt, lenbytes);
144	15.8M	}
145
146		int WPACKET_init_der(WPACKET pkt, unsigned char buf, size_t len)
147	26.6k	{
148		/* Internal API, so should not fail */
149	26.6k	if (!ossl_assert(buf != NULL && len > 0))
150	0	return 0;
151
152	26.6k	pkt->staticbuf = buf;
153	26.6k	pkt->buf = NULL;
154	26.6k	pkt->maxsize = len;
155	26.6k	pkt->endfirst = 1;
156
157	26.6k	return wpacket_intern_init_len(pkt, 0);
158	26.6k	}
159
160		int WPACKET_init_len(WPACKET pkt, BUF_MEM buf, size_t lenbytes)
161	345k	{
162		/* Internal API, so should not fail */
163	345k	if (!ossl_assert(buf != NULL))
164	0	return 0;
165
166	345k	pkt->staticbuf = NULL;
167	345k	pkt->buf = buf;
168	345k	pkt->maxsize = maxmaxsize(lenbytes);
169	345k	pkt->endfirst = 0;
170
171	345k	return wpacket_intern_init_len(pkt, lenbytes);
172	345k	}
173
174		int WPACKET_init(WPACKET pkt, BUF_MEM buf)
175	340k	{
176	340k	return WPACKET_init_len(pkt, buf, 0);
177	340k	}
178
179		int WPACKET_init_null(WPACKET *pkt, size_t lenbytes)
180	543k	{
181	543k	pkt->staticbuf = NULL;
182	543k	pkt->buf = NULL;
183	543k	pkt->maxsize = maxmaxsize(lenbytes);
184	543k	pkt->endfirst = 0;
185
186	543k	return wpacket_intern_init_len(pkt, 0);
187	543k	}
188
189		int WPACKET_init_null_der(WPACKET *pkt)
190	32	{
191	32	pkt->staticbuf = NULL;
192	32	pkt->buf = NULL;
193	32	pkt->maxsize = SIZE_MAX;
194	32	pkt->endfirst = 1;
195
196	32	return wpacket_intern_init_len(pkt, 0);
197	32	}
198
199		int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
200	261k	{
201		/* Internal API, so should not fail */
202	261k	if (!ossl_assert(pkt->subs != NULL))
203	0	return 0;
204
205	261k	pkt->subs->flags = flags;
206
207	261k	return 1;
208	261k	}
209
210		/* Store the \|value\| of length \|len\| at location \|data\| */
211		static int put_value(unsigned char *data, uint64_t value, size_t len)
212	33.9M	{
213	33.9M	if (data == NULL)
214	3.25M	return 1;
215
216	86.7M	for (data += len - 1; len > 0; len--) {
217	56.0M	*data = (unsigned char)(value & 0xff);
218	56.0M	data--;
219	56.0M	value >>= 8;
220	56.0M	}
221
222		/* Check whether we could fit the value in the assigned number of bytes */
223	30.6M	if (value > 0)
224	548	return 0;
225
226	30.6M	return 1;
227	30.6M	}
228
229		#if !defined OPENSSL_NO_QUIC && !defined FIPS_MODULE
230		static int put_quic_value(unsigned char *data, size_t value, size_t len)
231	0	{
232	0	if (data == NULL)
233	0	return 1;
234
235		/* Value too large for field. */
236	0	if (ossl_quic_vlint_encode_len(value) > len)
237	0	return 0;
238
239	0	ossl_quic_vlint_encode_n(data, value, len);
240	0	return 1;
241	0	}
242		#endif
243
244		/*
245		* Internal helper function used by WPACKET_close(), WPACKET_finish() and
246		* WPACKET_fill_lengths() to close a sub-packet and write out its length if
247		* necessary. If \|doclose\| is 0 then it goes through the motions of closing
248		* (i.e. it fills in all the lengths), but doesn't actually close anything.
249		*/
250		static int wpacket_intern_close(WPACKET pkt, WPACKET_SUB sub, int doclose)
251	23.1M	{
252	23.1M	size_t packlen = pkt->written - sub->pwritten;
253
254	23.1M	if (packlen == 0
255	1.36M	&& (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0)
256	0	return 0;
257
258	23.1M	if (packlen == 0
259	1.36M	&& sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
260		/* We can't handle this case. Return an error */
261	13.2k	if (!doclose)
262	0	return 0;
263
264		/* Deallocate any bytes allocated for the length of the WPACKET */
265	13.2k	if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
266	13.2k	pkt->written -= sub->lenbytes;
267	13.2k	pkt->curr -= sub->lenbytes;
268	13.2k	}
269
270		/* Don't write out the packet length */
271	13.2k	sub->packet_len = 0;
272	13.2k	sub->lenbytes = 0;
273	13.2k	}
274
275		/* Write out the WPACKET length if needed */
276	23.1M	if (sub->lenbytes > 0) {
277	5.57M	unsigned char *buf = GETBUF(pkt);
278
279	5.57M	if (buf != NULL) {
280	5.57M	#if !defined OPENSSL_NO_QUIC && !defined FIPS_MODULE
281	5.57M	if ((sub->flags & WPACKET_FLAGS_QUIC_VLINT) == 0) {
282	5.57M	if (!put_value(&buf[sub->packet_len], packlen, sub->lenbytes))
283	428	return 0;
284	5.57M	} else {
285	0	if (!put_quic_value(&buf[sub->packet_len], packlen, sub->lenbytes))
286	0	return 0;
287	0	}
288		#else
289		if (!put_value(&buf[sub->packet_len], packlen, sub->lenbytes))
290		return 0;
291		#endif
292	5.57M	}
293	17.6M	} else if (pkt->endfirst && sub->parent != NULL
294	23.0k	&& (packlen != 0
295	14	\|\| (sub->flags
296	14	& WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH)
297	23.0k	== 0)) {
298	23.0k	size_t tmplen = packlen;
299	23.0k	size_t numlenbytes = 1;
300
301	23.1k	while ((tmplen = tmplen >> 8) > 0)
302	16	numlenbytes++;
303	23.0k	if (!WPACKET_put_bytes__(pkt, packlen, numlenbytes))
304	0	return 0;
305	23.0k	if (packlen > 0x7f) {
306	16	numlenbytes \|= 0x80;
307	16	if (!WPACKET_put_bytes_u8(pkt, numlenbytes))
308	0	return 0;
309	16	}
310	23.0k	}
311
312	23.1M	if (doclose) {
313	23.1M	pkt->subs = sub->parent;
314	23.1M	OPENSSL_free(sub);
315	23.1M	}
316
317	23.1M	return 1;
318	23.1M	}
319
320		int WPACKET_fill_lengths(WPACKET *pkt)
321	0	{
322	0	WPACKET_SUB *sub;
323
324	0	if (!ossl_assert(pkt->subs != NULL))
325	0	return 0;
326
327	0	for (sub = pkt->subs; sub != NULL; sub = sub->parent) {
328	0	if (!wpacket_intern_close(pkt, sub, 0))
329	0	return 0;
330	0	}
331
332	0	return 1;
333	0	}
334
335		int WPACKET_close(WPACKET *pkt)
336	7.56M	{
337		/*
338		* Internal API, so should not fail - but we do negative testing of this
339		* so no assert (otherwise the tests fail)
340		*/
341	7.56M	if (pkt->subs == NULL \|\| pkt->subs->parent == NULL)
342	0	return 0;
343
344	7.56M	return wpacket_intern_close(pkt, pkt->subs, 1);
345	7.56M	}
346
347		int WPACKET_finish(WPACKET *pkt)
348	16.2M	{
349	16.2M	int ret;
350
351		/*
352		* Internal API, so should not fail - but we do negative testing of this
353		* so no assert (otherwise the tests fail)
354		*/
355	16.2M	if (pkt->subs == NULL \|\| pkt->subs->parent != NULL)
356	0	return 0;
357
358	16.2M	ret = wpacket_intern_close(pkt, pkt->subs, 1);
359	16.2M	if (ret) {
360	16.2M	OPENSSL_free(pkt->subs);
361	16.2M	pkt->subs = NULL;
362	16.2M	}
363
364	16.2M	return ret;
365	16.2M	}
366
367		int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes)
368	7.56M	{
369	7.56M	WPACKET_SUB *sub;
370	7.56M	unsigned char *lenchars;
371
372		/* Internal API, so should not fail */
373	7.56M	if (!ossl_assert(pkt->subs != NULL))
374	0	return 0;
375
376		/* We don't support lenbytes greater than 0 when doing endfirst writing */
377	7.56M	if (lenbytes > 0 && pkt->endfirst)
378	0	return 0;
379
380	7.56M	if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL)
381	0	return 0;
382
383	7.56M	sub->parent = pkt->subs;
384	7.56M	pkt->subs = sub;
385	7.56M	sub->pwritten = pkt->written + lenbytes;
386	7.56M	sub->lenbytes = lenbytes;
387
388	7.56M	if (lenbytes == 0) {
389	1.75M	sub->packet_len = 0;
390	1.75M	return 1;
391	1.75M	}
392
393	5.81M	sub->packet_len = pkt->written;
394
395	5.81M	if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars))
396	0	return 0;
397
398	5.81M	return 1;
399	5.81M	}
400
401		int WPACKET_start_sub_packet(WPACKET *pkt)
402	1.75M	{
403	1.75M	return WPACKET_start_sub_packet_len__(pkt, 0);
404	1.75M	}
405
406		int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
407	28.1M	{
408	28.1M	unsigned char *data;
409
410		/* Internal API, so should not fail */
411	28.1M	if (!ossl_assert(size <= sizeof(uint64_t))
412	28.1M	\|\| !WPACKET_allocate_bytes(pkt, size, &data)
413	28.1M	\|\| !put_value(data, val, size))
414	33.7k	return 0;
415
416	28.1M	return 1;
417	28.1M	}
418
419		int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
420	9.99M	{
421	9.99M	WPACKET_SUB *sub;
422	9.99M	size_t lenbytes;
423
424		/* Internal API, so should not fail */
425	9.99M	if (!ossl_assert(pkt->subs != NULL))
426	0	return 0;
427
428		/* Find the WPACKET_SUB for the top level */
429	9.99M	for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent)
430	0	continue;
431
432	9.99M	lenbytes = sub->lenbytes;
433	9.99M	if (lenbytes == 0)
434	9.99M	lenbytes = sizeof(pkt->maxsize);
435
436	9.99M	if (maxmaxsize(lenbytes) < maxsize \|\| maxsize < pkt->written)
437	0	return 0;
438
439	9.99M	pkt->maxsize = maxsize;
440
441	9.99M	return 1;
442	9.99M	}
443
444		int WPACKET_memset(WPACKET *pkt, int ch, size_t len)
445	1.43M	{
446	1.43M	unsigned char *dest;
447
448	1.43M	if (len == 0)
449	0	return 1;
450
451	1.43M	if (!WPACKET_allocate_bytes(pkt, len, &dest))
452	4	return 0;
453
454	1.43M	if (dest != NULL)
455	1.43M	memset(dest, ch, len);
456
457	1.43M	return 1;
458	1.43M	}
459
460		int WPACKET_memcpy(WPACKET pkt, const void src, size_t len)
461	14.3M	{
462	14.3M	unsigned char *dest;
463
464	14.3M	if (len == 0)
465	6.25M	return 1;
466
467	8.10M	if (!WPACKET_allocate_bytes(pkt, len, &dest))
468	59.7k	return 0;
469
470	8.04M	if (dest != NULL)
471	8.04M	memcpy(dest, src, len);
472
473	8.04M	return 1;
474	8.10M	}
475
476		int WPACKET_sub_memcpy__(WPACKET pkt, const void src, size_t len,
477		size_t lenbytes)
478	1.88M	{
479	1.88M	if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
480	1.88M	\|\| !WPACKET_memcpy(pkt, src, len)
481	1.88M	\|\| !WPACKET_close(pkt))
482	548	return 0;
483
484	1.88M	return 1;
485	1.88M	}
486
487		int WPACKET_get_total_written(WPACKET pkt, size_t written)
488	19.8M	{
489		/* Internal API, so should not fail */
490	19.8M	if (!ossl_assert(written != NULL))
491	0	return 0;
492
493	19.8M	*written = pkt->written;
494
495	19.8M	return 1;
496	19.8M	}
497
498		int WPACKET_get_length(WPACKET pkt, size_t len)
499	1.86M	{
500		/* Internal API, so should not fail */
501	1.86M	if (!ossl_assert(pkt->subs != NULL && len != NULL))
502	0	return 0;
503
504	1.86M	*len = pkt->written - pkt->subs->pwritten;
505
506	1.86M	return 1;
507	1.86M	}
508
509		unsigned char WPACKET_get_curr(WPACKET pkt)
510	174M	{
511	174M	unsigned char *buf = GETBUF(pkt);
512
513	174M	if (buf == NULL)
514	4.33M	return NULL;
515
516	170M	if (pkt->endfirst)
517	106k	return buf + pkt->maxsize - pkt->curr;
518
519	170M	return buf + pkt->curr;
520	170M	}
521
522		int WPACKET_is_null_buf(WPACKET *pkt)
523	542k	{
524	542k	return pkt->buf == NULL && pkt->staticbuf == NULL;
525	542k	}
526
527		void WPACKET_cleanup(WPACKET *pkt)
528	856k	{
529	856k	WPACKET_SUB sub, parent;
530
531	1.32M	for (sub = pkt->subs; sub != NULL; sub = parent) {
532	470k	parent = sub->parent;
533	470k	OPENSSL_free(sub);
534	470k	}
535	856k	pkt->subs = NULL;
536	856k	}
537
538		#if !defined OPENSSL_NO_QUIC && !defined FIPS_MODULE
539
540		int WPACKET_start_quic_sub_packet_bound(WPACKET *pkt, size_t max_len)
541	0	{
542	0	size_t enclen = ossl_quic_vlint_encode_len(max_len);
543
544	0	if (enclen == 0)
545	0	return 0;
546
547	0	if (WPACKET_start_sub_packet_len__(pkt, enclen) == 0)
548	0	return 0;
549
550	0	pkt->subs->flags \|= WPACKET_FLAGS_QUIC_VLINT;
551	0	return 1;
552	0	}
553
554		int WPACKET_start_quic_sub_packet(WPACKET *pkt)
555	0	{
556		/*
557		* Assume no (sub)packet will exceed 4GiB, thus the 8-byte encoding need not
558		* be used.
559		*/
560	0	return WPACKET_start_quic_sub_packet_bound(pkt, OSSL_QUIC_VLINT_4B_MIN);
561	0	}
562
563		int WPACKET_quic_sub_allocate_bytes(WPACKET pkt, size_t len, unsigned char *allocbytes)
564	0	{
565	0	if (!WPACKET_start_quic_sub_packet_bound(pkt, len)
566	0	\|\| !WPACKET_allocate_bytes(pkt, len, allocbytes)
567	0	\|\| !WPACKET_close(pkt))
568	0	return 0;
569
570	0	return 1;
571	0	}
572
573		/*
574		* Write a QUIC variable-length integer to the packet.
575		*/
576		int WPACKET_quic_write_vlint(WPACKET *pkt, uint64_t v)
577	59.6M	{
578	59.6M	unsigned char *b = NULL;
579	59.6M	size_t enclen = ossl_quic_vlint_encode_len(v);
580
581	59.6M	if (enclen == 0)
582	0	return 0;
583
584	59.6M	if (WPACKET_allocate_bytes(pkt, enclen, &b) == 0)
585	1.00k	return 0;
586
587	59.6M	ossl_quic_vlint_encode(b, v);
588	59.6M	return 1;
589	59.6M	}
590
591		#endif