1 /*
2 * Copyright 2003-2026 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include "internal/e_os.h"
11 #include <string.h>
12 #include <limits.h>
13 #include <openssl/crypto.h>
14 #include "crypto/ctype.h"
15 #include "internal/cryptlib.h"
16 #include "internal/thread_once.h"
17 #include "internal/to_hex.h"
18
19 #define DEFAULT_SEPARATOR ':'
20 #define CH_ZERO '\0'
21
CRYPTO_strdup(const char * str,const char * file,int line)22 char *CRYPTO_strdup(const char *str, const char *file, int line)
23 {
24 char *ret;
25
26 if (str == NULL)
27 return NULL;
28 ret = CRYPTO_malloc(strlen(str) + 1, file, line);
29 if (ret != NULL)
30 strcpy(ret, str);
31 return ret;
32 }
33
CRYPTO_strndup(const char * str,size_t s,const char * file,int line)34 char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line)
35 {
36 size_t maxlen;
37 char *ret;
38
39 if (str == NULL)
40 return NULL;
41
42 maxlen = OPENSSL_strnlen(str, s);
43
44 ret = CRYPTO_malloc(maxlen + 1, file, line);
45 if (ret) {
46 memcpy(ret, str, maxlen);
47 ret[maxlen] = CH_ZERO;
48 }
49 return ret;
50 }
51
CRYPTO_memdup(const void * data,size_t siz,const char * file,int line)52 void *CRYPTO_memdup(const void *data, size_t siz, const char *file, int line)
53 {
54 void *ret;
55
56 if (data == NULL || siz >= INT_MAX)
57 return NULL;
58
59 ret = CRYPTO_malloc(siz, file, line);
60 if (ret == NULL)
61 return NULL;
62 return memcpy(ret, data, siz);
63 }
64
OPENSSL_strnlen(const char * str,size_t maxlen)65 size_t OPENSSL_strnlen(const char *str, size_t maxlen)
66 {
67 const char *p;
68
69 for (p = str; maxlen-- != 0 && *p != CH_ZERO; ++p)
70 ;
71
72 return p - str;
73 }
74
OPENSSL_strlcpy(char * dst,const char * src,size_t size)75 size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size)
76 {
77 size_t l = 0;
78 for (; size > 1 && *src; size--) {
79 *dst++ = *src++;
80 l++;
81 }
82 if (size)
83 *dst = CH_ZERO;
84 return l + strlen(src);
85 }
86
OPENSSL_strlcat(char * dst,const char * src,size_t size)87 size_t OPENSSL_strlcat(char *dst, const char *src, size_t size)
88 {
89 size_t l = 0;
90 for (; size > 0 && *dst; size--, dst++)
91 l++;
92 return l + OPENSSL_strlcpy(dst, src, size);
93 }
94
95 /**
96 * @brief Converts a string to an unsigned long integer.
97 *
98 * This function attempts to convert a string representation of a number
99 * to an unsigned long integer, given a specified base. It also provides
100 * error checking and reports whether the conversion was successful.
101 * This function is just a wrapper around the POSIX strtoul function with
102 * additional error checking. This implies that errno for the caller is set
103 * on calls to this function.
104 *
105 * @param str The string containing the representation of the number.
106 * @param endptr A pointer to a pointer to character. If not NULL, it is set
107 * to the character immediately following the number in the
108 * string.
109 * @param base The base to use for the conversion, which must be between 2,
110 * and 36 inclusive, or be the special value 0. If the base is 0,
111 * the actual base is determined by the format of the initial
112 * characters of the string.
113 * @param num A pointer to an unsigned long where the result of the
114 * conversion is stored.
115 *
116 * @return 1 if the conversion was successful, 0 otherwise. Conversion is
117 * considered unsuccessful if no digits were consumed or if an error
118 * occurred during conversion.
119 *
120 * @note It is the caller's responsibility to check if the conversion is
121 * correct based on the expected consumption of the string as reported
122 * by endptr.
123 */
OPENSSL_strtoul(const char * str,char ** endptr,int base,unsigned long * num)124 int OPENSSL_strtoul(const char *str, char **endptr, int base,
125 unsigned long *num)
126 {
127 char *tmp_endptr;
128 char **internal_endptr = endptr == NULL ? &tmp_endptr : endptr;
129
130 errno = 0;
131
132 *internal_endptr = (char *)str;
133
134 if (num == NULL)
135 return 0;
136
137 if (str == NULL)
138 return 0;
139
140 /* Fail on negative input */
141 if (*str == '-')
142 return 0;
143
144 *num = strtoul(str, internal_endptr, base);
145 /*
146 * We return error from this function under the following conditions
147 * 1) If strtoul itself returned an error in translation
148 * 2) If the caller didn't pass in an endptr value, and **internal_endptr
149 * doesn't point to '\0'. The implication here is that if the caller
150 * doesn't care how much of a string is consumed, they expect the entire
151 * string to be consumed. As such, no pointing to the NULL terminator
152 * means there was some part of the string left over after translation
153 * 3) If no bytes of the string were consumed
154 */
155 if (errno != 0 || (endptr == NULL && **internal_endptr != '\0') || (str == *internal_endptr))
156 return 0;
157
158 return 1;
159 }
160
OPENSSL_hexchar2int(unsigned char c)161 int OPENSSL_hexchar2int(unsigned char c)
162 {
163 #ifdef CHARSET_EBCDIC
164 c = os_toebcdic[c];
165 #endif
166
167 switch (c) {
168 case '0':
169 return 0;
170 case '1':
171 return 1;
172 case '2':
173 return 2;
174 case '3':
175 return 3;
176 case '4':
177 return 4;
178 case '5':
179 return 5;
180 case '6':
181 return 6;
182 case '7':
183 return 7;
184 case '8':
185 return 8;
186 case '9':
187 return 9;
188 case 'a':
189 case 'A':
190 return 0x0A;
191 case 'b':
192 case 'B':
193 return 0x0B;
194 case 'c':
195 case 'C':
196 return 0x0C;
197 case 'd':
198 case 'D':
199 return 0x0D;
200 case 'e':
201 case 'E':
202 return 0x0E;
203 case 'f':
204 case 'F':
205 return 0x0F;
206 }
207 return -1;
208 }
209
hexstr2buf_sep(unsigned char * buf,size_t buf_n,size_t * buflen,const char * str,const char sep)210 static int hexstr2buf_sep(unsigned char *buf, size_t buf_n, size_t *buflen,
211 const char *str, const char sep)
212 {
213 unsigned char *q;
214 unsigned char ch, cl;
215 int chi, cli;
216 const unsigned char *p;
217 size_t cnt;
218
219 for (p = (const unsigned char *)str, q = buf, cnt = 0; *p;) {
220 ch = *p++;
221 /* A separator of CH_ZERO means there is no separator */
222 if (ch == sep && sep != CH_ZERO)
223 continue;
224 cl = *p++;
225 if (!cl) {
226 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ODD_NUMBER_OF_DIGITS);
227 return 0;
228 }
229 cli = OPENSSL_hexchar2int(cl);
230 chi = OPENSSL_hexchar2int(ch);
231 if (cli < 0 || chi < 0) {
232 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_ILLEGAL_HEX_DIGIT);
233 return 0;
234 }
235 cnt++;
236 if (q != NULL) {
237 if (cnt > buf_n) {
238 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
239 return 0;
240 }
241 *q++ = (unsigned char)((chi << 4) | cli);
242 }
243 }
244
245 if (buflen != NULL)
246 *buflen = cnt;
247 return 1;
248 }
249
250 /*
251 * Given a string of hex digits convert to a buffer
252 */
OPENSSL_hexstr2buf_ex(unsigned char * buf,size_t buf_n,size_t * buflen,const char * str,const char sep)253 int OPENSSL_hexstr2buf_ex(unsigned char *buf, size_t buf_n, size_t *buflen,
254 const char *str, const char sep)
255 {
256 return hexstr2buf_sep(buf, buf_n, buflen, str, sep);
257 }
258
ossl_hexstr2buf_sep(const char * str,long * buflen,const char sep)259 unsigned char *ossl_hexstr2buf_sep(const char *str, long *buflen,
260 const char sep)
261 {
262 unsigned char *buf;
263 size_t buf_n, tmp_buflen;
264
265 buf_n = strlen(str);
266 if (buf_n <= 1) {
267 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_HEX_STRING_TOO_SHORT);
268 return NULL;
269 }
270 buf_n /= 2;
271 if ((buf = OPENSSL_malloc(buf_n)) == NULL)
272 return NULL;
273
274 if (buflen != NULL)
275 *buflen = 0;
276 tmp_buflen = 0;
277 if (hexstr2buf_sep(buf, buf_n, &tmp_buflen, str, sep)) {
278 if (buflen != NULL)
279 *buflen = (long)tmp_buflen;
280 return buf;
281 }
282 OPENSSL_free(buf);
283 return NULL;
284 }
285
OPENSSL_hexstr2buf(const char * str,long * buflen)286 unsigned char *OPENSSL_hexstr2buf(const char *str, long *buflen)
287 {
288 return ossl_hexstr2buf_sep(str, buflen, DEFAULT_SEPARATOR);
289 }
290
buf2hexstr_sep(char * str,size_t str_n,size_t * strlength,const unsigned char * buf,size_t buflen,const char sep)291 static int buf2hexstr_sep(char *str, size_t str_n, size_t *strlength,
292 const unsigned char *buf, size_t buflen,
293 const char sep)
294 {
295 char *q;
296 int has_sep = (sep != CH_ZERO);
297 size_t i, len = has_sep ? buflen * 3 : 1 + buflen * 2;
298
299 if (buflen > (has_sep ? SIZE_MAX / 3 : (SIZE_MAX - 1) / 2)) {
300 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
301 return 0;
302 }
303
304 if (len == 0)
305 ++len;
306 if (strlength != NULL)
307 *strlength = len;
308 if (str == NULL)
309 return 1;
310
311 if (str_n < len) {
312 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
313 return 0;
314 }
315
316 q = str;
317 for (i = 0; i < buflen; i++) {
318 q += ossl_to_hex(q, buf[i]);
319 if (has_sep)
320 *q++ = sep;
321 }
322 if (has_sep && buflen > 0)
323 --q;
324 *q = CH_ZERO;
325
326 #ifdef CHARSET_EBCDIC
327 ebcdic2ascii(str, str, q - str);
328 #endif
329 return 1;
330 }
331
OPENSSL_buf2hexstr_ex(char * str,size_t str_n,size_t * strlength,const unsigned char * buf,size_t buflen,const char sep)332 int OPENSSL_buf2hexstr_ex(char *str, size_t str_n, size_t *strlength,
333 const unsigned char *buf, size_t buflen,
334 const char sep)
335 {
336 return buf2hexstr_sep(str, str_n, strlength, buf, buflen, sep);
337 }
338
ossl_buf2hexstr_sep(const unsigned char * buf,long buflen,char sep)339 char *ossl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep)
340 {
341 char *tmp;
342 size_t tmp_n;
343
344 if (buflen == 0)
345 return OPENSSL_zalloc(1);
346
347 if ((sep != CH_ZERO && (size_t)buflen > SIZE_MAX / 3)
348 || (sep == CH_ZERO && (size_t)buflen > (SIZE_MAX - 1) / 2)) {
349 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES);
350 return NULL;
351 }
352
353 tmp_n = (sep != CH_ZERO) ? (size_t)buflen * 3 : 1 + (size_t)buflen * 2;
354 if ((tmp = OPENSSL_malloc(tmp_n)) == NULL)
355 return NULL;
356
357 if (buf2hexstr_sep(tmp, tmp_n, NULL, buf, buflen, sep))
358 return tmp;
359 OPENSSL_free(tmp);
360 return NULL;
361 }
362
363 /*
364 * Given a buffer of length 'buflen' return a OPENSSL_malloc'ed string with
365 * its hex representation @@@ (Contents of buffer are always kept in ASCII,
366 * also on EBCDIC machines)
367 */
OPENSSL_buf2hexstr(const unsigned char * buf,long buflen)368 char *OPENSSL_buf2hexstr(const unsigned char *buf, long buflen)
369 {
370 return ossl_buf2hexstr_sep(buf, buflen, DEFAULT_SEPARATOR);
371 }
372
openssl_strerror_r(int errnum,char * buf,size_t buflen)373 int openssl_strerror_r(int errnum, char *buf, size_t buflen)
374 {
375 #if defined(_MSC_VER) && _MSC_VER >= 1400 && !defined(_WIN32_WCE)
376 return !strerror_s(buf, buflen, errnum);
377 #elif defined(_GNU_SOURCE)
378 char *err;
379
380 /*
381 * GNU strerror_r may not actually set buf.
382 * It can return a pointer to some (immutable) static string in which case
383 * buf is left unused.
384 */
385 err = strerror_r(errnum, buf, buflen);
386 if (err == NULL || buflen == 0)
387 return 0;
388 /*
389 * If err is statically allocated, err != buf and we need to copy the data.
390 * If err points somewhere inside buf, OPENSSL_strlcpy can handle this,
391 * since src and dest are not annotated with __restrict and the function
392 * reads src byte for byte and writes to dest.
393 * If err == buf we do not have to copy anything.
394 */
395 if (err != buf)
396 OPENSSL_strlcpy(buf, err, buflen);
397 return 1;
398 #elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600)
399 /*
400 * We can use "real" strerror_r. The OpenSSL version differs in that it
401 * gives 1 on success and 0 on failure for consistency with other OpenSSL
402 * functions. Real strerror_r does it the other way around
403 */
404 return !strerror_r(errnum, buf, buflen);
405 #else
406 char *err;
407
408 /* Fall back to non-thread safe strerror()...its all we can do */
409 if (buflen < 2)
410 return 0;
411 err = strerror(errnum);
412 /* Can this ever happen? */
413 if (err == NULL)
414 return 0;
415 OPENSSL_strlcpy(buf, err, buflen);
416 return 1;
417 #endif
418 }
419
OPENSSL_strcasecmp(const char * s1,const char * s2)420 int OPENSSL_strcasecmp(const char *s1, const char *s2)
421 {
422 int t;
423
424 while ((t = ossl_tolower(*s1) - ossl_tolower(*s2++)) == 0)
425 if (*s1++ == '\0')
426 return 0;
427 return t;
428 }
429
OPENSSL_strncasecmp(const char * s1,const char * s2,size_t n)430 int OPENSSL_strncasecmp(const char *s1, const char *s2, size_t n)
431 {
432 int t;
433 size_t i;
434
435 for (i = 0; i < n; i++)
436 if ((t = ossl_tolower(*s1) - ossl_tolower(*s2++)) != 0)
437 return t;
438 else if (*s1++ == '\0')
439 return 0;
440 return 0;
441 }
442
ossl_to_hex(char * buf,uint8_t n)443 size_t ossl_to_hex(char *buf, uint8_t n)
444 {
445 static const char hexdig[] = "0123456789ABCDEF";
446
447 return to_hex(buf, n, hexdig);
448 }
449