xref: /freebsd/crypto/openssl/crypto/packet.c (revision b077aed33b7b6aefca7b17ddb250cf521f938613)
1 /*
2  * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include "internal/cryptlib.h"
11 #include "internal/packet.h"
12 #include <openssl/err.h>
13 
14 #define DEFAULT_BUF_SIZE    256
15 
WPACKET_allocate_bytes(WPACKET * pkt,size_t len,unsigned char ** allocbytes)16 int WPACKET_allocate_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
17 {
18     if (!WPACKET_reserve_bytes(pkt, len, allocbytes))
19         return 0;
20 
21     pkt->written += len;
22     pkt->curr += len;
23     return 1;
24 }
25 
WPACKET_sub_allocate_bytes__(WPACKET * pkt,size_t len,unsigned char ** allocbytes,size_t lenbytes)26 int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
27                                  unsigned char **allocbytes, size_t lenbytes)
28 {
29     if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
30             || !WPACKET_allocate_bytes(pkt, len, allocbytes)
31             || !WPACKET_close(pkt))
32         return 0;
33 
34     return 1;
35 }
36 
37 #define GETBUF(p)   (((p)->staticbuf != NULL) \
38                      ? (p)->staticbuf \
39                      : ((p)->buf != NULL \
40                         ? (unsigned char *)(p)->buf->data \
41                         : NULL))
42 
WPACKET_reserve_bytes(WPACKET * pkt,size_t len,unsigned char ** allocbytes)43 int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes)
44 {
45     /* Internal API, so should not fail */
46     if (!ossl_assert(pkt->subs != NULL && len != 0))
47         return 0;
48 
49     if (pkt->maxsize - pkt->written < len)
50         return 0;
51 
52     if (pkt->buf != NULL && (pkt->buf->length - pkt->written < len)) {
53         size_t newlen;
54         size_t reflen;
55 
56         reflen = (len > pkt->buf->length) ? len : pkt->buf->length;
57 
58         if (reflen > SIZE_MAX / 2) {
59             newlen = SIZE_MAX;
60         } else {
61             newlen = reflen * 2;
62             if (newlen < DEFAULT_BUF_SIZE)
63                 newlen = DEFAULT_BUF_SIZE;
64         }
65         if (BUF_MEM_grow(pkt->buf, newlen) == 0)
66             return 0;
67     }
68     if (allocbytes != NULL) {
69         *allocbytes = WPACKET_get_curr(pkt);
70         if (pkt->endfirst && *allocbytes != NULL)
71             *allocbytes -= len;
72     }
73 
74     return 1;
75 }
76 
WPACKET_sub_reserve_bytes__(WPACKET * pkt,size_t len,unsigned char ** allocbytes,size_t lenbytes)77 int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len,
78                                 unsigned char **allocbytes, size_t lenbytes)
79 {
80     if (pkt->endfirst && lenbytes > 0)
81         return 0;
82 
83     if (!WPACKET_reserve_bytes(pkt, lenbytes + len, allocbytes))
84         return 0;
85 
86     if (*allocbytes != NULL)
87         *allocbytes += lenbytes;
88 
89     return 1;
90 }
91 
maxmaxsize(size_t lenbytes)92 static size_t maxmaxsize(size_t lenbytes)
93 {
94     if (lenbytes >= sizeof(size_t) || lenbytes == 0)
95         return SIZE_MAX;
96 
97     return ((size_t)1 << (lenbytes * 8)) - 1 + lenbytes;
98 }
99 
wpacket_intern_init_len(WPACKET * pkt,size_t lenbytes)100 static int wpacket_intern_init_len(WPACKET *pkt, size_t lenbytes)
101 {
102     unsigned char *lenchars;
103 
104     pkt->curr = 0;
105     pkt->written = 0;
106 
107     if ((pkt->subs = OPENSSL_zalloc(sizeof(*pkt->subs))) == NULL) {
108         ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
109         return 0;
110     }
111 
112     if (lenbytes == 0)
113         return 1;
114 
115     pkt->subs->pwritten = lenbytes;
116     pkt->subs->lenbytes = lenbytes;
117 
118     if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars)) {
119         OPENSSL_free(pkt->subs);
120         pkt->subs = NULL;
121         return 0;
122     }
123     pkt->subs->packet_len = 0;
124 
125     return 1;
126 }
127 
WPACKET_init_static_len(WPACKET * pkt,unsigned char * buf,size_t len,size_t lenbytes)128 int WPACKET_init_static_len(WPACKET *pkt, unsigned char *buf, size_t len,
129                             size_t lenbytes)
130 {
131     size_t max = maxmaxsize(lenbytes);
132 
133     /* Internal API, so should not fail */
134     if (!ossl_assert(buf != NULL && len > 0))
135         return 0;
136 
137     pkt->staticbuf = buf;
138     pkt->buf = NULL;
139     pkt->maxsize = (max < len) ? max : len;
140     pkt->endfirst = 0;
141 
142     return wpacket_intern_init_len(pkt, lenbytes);
143 }
144 
WPACKET_init_der(WPACKET * pkt,unsigned char * buf,size_t len)145 int WPACKET_init_der(WPACKET *pkt, unsigned char *buf, size_t len)
146 {
147     /* Internal API, so should not fail */
148     if (!ossl_assert(buf != NULL && len > 0))
149         return 0;
150 
151     pkt->staticbuf = buf;
152     pkt->buf = NULL;
153     pkt->maxsize = len;
154     pkt->endfirst = 1;
155 
156     return wpacket_intern_init_len(pkt, 0);
157 }
158 
WPACKET_init_len(WPACKET * pkt,BUF_MEM * buf,size_t lenbytes)159 int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
160 {
161     /* Internal API, so should not fail */
162     if (!ossl_assert(buf != NULL))
163         return 0;
164 
165     pkt->staticbuf = NULL;
166     pkt->buf = buf;
167     pkt->maxsize = maxmaxsize(lenbytes);
168     pkt->endfirst = 0;
169 
170     return wpacket_intern_init_len(pkt, lenbytes);
171 }
172 
WPACKET_init(WPACKET * pkt,BUF_MEM * buf)173 int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
174 {
175     return WPACKET_init_len(pkt, buf, 0);
176 }
177 
WPACKET_init_null(WPACKET * pkt,size_t lenbytes)178 int WPACKET_init_null(WPACKET *pkt, size_t lenbytes)
179 {
180     pkt->staticbuf = NULL;
181     pkt->buf = NULL;
182     pkt->maxsize = maxmaxsize(lenbytes);
183     pkt->endfirst = 0;
184 
185     return wpacket_intern_init_len(pkt, 0);
186 }
187 
WPACKET_init_null_der(WPACKET * pkt)188 int WPACKET_init_null_der(WPACKET *pkt)
189 {
190     pkt->staticbuf = NULL;
191     pkt->buf = NULL;
192     pkt->maxsize = SIZE_MAX;
193     pkt->endfirst = 1;
194 
195     return wpacket_intern_init_len(pkt, 0);
196 }
197 
WPACKET_set_flags(WPACKET * pkt,unsigned int flags)198 int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
199 {
200     /* Internal API, so should not fail */
201     if (!ossl_assert(pkt->subs != NULL))
202         return 0;
203 
204     pkt->subs->flags = flags;
205 
206     return 1;
207 }
208 
209 /* Store the |value| of length |len| at location |data| */
put_value(unsigned char * data,uint64_t value,size_t len)210 static int put_value(unsigned char *data, uint64_t value, size_t len)
211 {
212     if (data == NULL)
213         return 1;
214 
215     for (data += len - 1; len > 0; len--) {
216         *data = (unsigned char)(value & 0xff);
217         data--;
218         value >>= 8;
219     }
220 
221     /* Check whether we could fit the value in the assigned number of bytes */
222     if (value > 0)
223         return 0;
224 
225     return 1;
226 }
227 
228 
229 /*
230  * Internal helper function used by WPACKET_close(), WPACKET_finish() and
231  * WPACKET_fill_lengths() to close a sub-packet and write out its length if
232  * necessary. If |doclose| is 0 then it goes through the motions of closing
233  * (i.e. it fills in all the lengths), but doesn't actually close anything.
234  */
wpacket_intern_close(WPACKET * pkt,WPACKET_SUB * sub,int doclose)235 static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
236 {
237     size_t packlen = pkt->written - sub->pwritten;
238 
239     if (packlen == 0
240             && (sub->flags & WPACKET_FLAGS_NON_ZERO_LENGTH) != 0)
241         return 0;
242 
243     if (packlen == 0
244             && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
245         /* We can't handle this case. Return an error */
246         if (!doclose)
247             return 0;
248 
249         /* Deallocate any bytes allocated for the length of the WPACKET */
250         if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
251             pkt->written -= sub->lenbytes;
252             pkt->curr -= sub->lenbytes;
253         }
254 
255         /* Don't write out the packet length */
256         sub->packet_len = 0;
257         sub->lenbytes = 0;
258     }
259 
260     /* Write out the WPACKET length if needed */
261     if (sub->lenbytes > 0) {
262         unsigned char *buf = GETBUF(pkt);
263 
264         if (buf != NULL
265                 && !put_value(&buf[sub->packet_len], packlen,
266                               sub->lenbytes))
267             return 0;
268     } else if (pkt->endfirst && sub->parent != NULL
269                && (packlen != 0
270                    || (sub->flags
271                        & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) == 0)) {
272         size_t tmplen = packlen;
273         size_t numlenbytes = 1;
274 
275         while ((tmplen = tmplen >> 8) > 0)
276             numlenbytes++;
277         if (!WPACKET_put_bytes__(pkt, packlen, numlenbytes))
278             return 0;
279         if (packlen > 0x7f) {
280             numlenbytes |= 0x80;
281             if (!WPACKET_put_bytes_u8(pkt, numlenbytes))
282                 return 0;
283         }
284     }
285 
286     if (doclose) {
287         pkt->subs = sub->parent;
288         OPENSSL_free(sub);
289     }
290 
291     return 1;
292 }
293 
WPACKET_fill_lengths(WPACKET * pkt)294 int WPACKET_fill_lengths(WPACKET *pkt)
295 {
296     WPACKET_SUB *sub;
297 
298     if (!ossl_assert(pkt->subs != NULL))
299         return 0;
300 
301     for (sub = pkt->subs; sub != NULL; sub = sub->parent) {
302         if (!wpacket_intern_close(pkt, sub, 0))
303             return 0;
304     }
305 
306     return 1;
307 }
308 
WPACKET_close(WPACKET * pkt)309 int WPACKET_close(WPACKET *pkt)
310 {
311     /*
312      * Internal API, so should not fail - but we do negative testing of this
313      * so no assert (otherwise the tests fail)
314      */
315     if (pkt->subs == NULL || pkt->subs->parent == NULL)
316         return 0;
317 
318     return wpacket_intern_close(pkt, pkt->subs, 1);
319 }
320 
WPACKET_finish(WPACKET * pkt)321 int WPACKET_finish(WPACKET *pkt)
322 {
323     int ret;
324 
325     /*
326      * Internal API, so should not fail - but we do negative testing of this
327      * so no assert (otherwise the tests fail)
328      */
329     if (pkt->subs == NULL || pkt->subs->parent != NULL)
330         return 0;
331 
332     ret = wpacket_intern_close(pkt, pkt->subs, 1);
333     if (ret) {
334         OPENSSL_free(pkt->subs);
335         pkt->subs = NULL;
336     }
337 
338     return ret;
339 }
340 
WPACKET_start_sub_packet_len__(WPACKET * pkt,size_t lenbytes)341 int WPACKET_start_sub_packet_len__(WPACKET *pkt, size_t lenbytes)
342 {
343     WPACKET_SUB *sub;
344     unsigned char *lenchars;
345 
346     /* Internal API, so should not fail */
347     if (!ossl_assert(pkt->subs != NULL))
348         return 0;
349 
350     /* We don't support lenbytes greater than 0 when doing endfirst writing */
351     if (lenbytes > 0 && pkt->endfirst)
352         return 0;
353 
354     if ((sub = OPENSSL_zalloc(sizeof(*sub))) == NULL) {
355         ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
356         return 0;
357     }
358 
359     sub->parent = pkt->subs;
360     pkt->subs = sub;
361     sub->pwritten = pkt->written + lenbytes;
362     sub->lenbytes = lenbytes;
363 
364     if (lenbytes == 0) {
365         sub->packet_len = 0;
366         return 1;
367     }
368 
369     sub->packet_len = pkt->written;
370 
371     if (!WPACKET_allocate_bytes(pkt, lenbytes, &lenchars))
372         return 0;
373 
374     return 1;
375 }
376 
WPACKET_start_sub_packet(WPACKET * pkt)377 int WPACKET_start_sub_packet(WPACKET *pkt)
378 {
379     return WPACKET_start_sub_packet_len__(pkt, 0);
380 }
381 
WPACKET_put_bytes__(WPACKET * pkt,uint64_t val,size_t size)382 int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
383 {
384     unsigned char *data;
385 
386     /* Internal API, so should not fail */
387     if (!ossl_assert(size <= sizeof(uint64_t))
388             || !WPACKET_allocate_bytes(pkt, size, &data)
389             || !put_value(data, val, size))
390         return 0;
391 
392     return 1;
393 }
394 
WPACKET_set_max_size(WPACKET * pkt,size_t maxsize)395 int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
396 {
397     WPACKET_SUB *sub;
398     size_t lenbytes;
399 
400     /* Internal API, so should not fail */
401     if (!ossl_assert(pkt->subs != NULL))
402         return 0;
403 
404     /* Find the WPACKET_SUB for the top level */
405     for (sub = pkt->subs; sub->parent != NULL; sub = sub->parent)
406         continue;
407 
408     lenbytes = sub->lenbytes;
409     if (lenbytes == 0)
410         lenbytes = sizeof(pkt->maxsize);
411 
412     if (maxmaxsize(lenbytes) < maxsize || maxsize < pkt->written)
413         return 0;
414 
415     pkt->maxsize = maxsize;
416 
417     return 1;
418 }
419 
WPACKET_memset(WPACKET * pkt,int ch,size_t len)420 int WPACKET_memset(WPACKET *pkt, int ch, size_t len)
421 {
422     unsigned char *dest;
423 
424     if (len == 0)
425         return 1;
426 
427     if (!WPACKET_allocate_bytes(pkt, len, &dest))
428         return 0;
429 
430     if (dest != NULL)
431         memset(dest, ch, len);
432 
433     return 1;
434 }
435 
WPACKET_memcpy(WPACKET * pkt,const void * src,size_t len)436 int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
437 {
438     unsigned char *dest;
439 
440     if (len == 0)
441         return 1;
442 
443     if (!WPACKET_allocate_bytes(pkt, len, &dest))
444         return 0;
445 
446     if (dest != NULL)
447         memcpy(dest, src, len);
448 
449     return 1;
450 }
451 
WPACKET_sub_memcpy__(WPACKET * pkt,const void * src,size_t len,size_t lenbytes)452 int WPACKET_sub_memcpy__(WPACKET *pkt, const void *src, size_t len,
453                          size_t lenbytes)
454 {
455     if (!WPACKET_start_sub_packet_len__(pkt, lenbytes)
456             || !WPACKET_memcpy(pkt, src, len)
457             || !WPACKET_close(pkt))
458         return 0;
459 
460     return 1;
461 }
462 
WPACKET_get_total_written(WPACKET * pkt,size_t * written)463 int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
464 {
465     /* Internal API, so should not fail */
466     if (!ossl_assert(written != NULL))
467         return 0;
468 
469     *written = pkt->written;
470 
471     return 1;
472 }
473 
WPACKET_get_length(WPACKET * pkt,size_t * len)474 int WPACKET_get_length(WPACKET *pkt, size_t *len)
475 {
476     /* Internal API, so should not fail */
477     if (!ossl_assert(pkt->subs != NULL && len != NULL))
478         return 0;
479 
480     *len = pkt->written - pkt->subs->pwritten;
481 
482     return 1;
483 }
484 
WPACKET_get_curr(WPACKET * pkt)485 unsigned char *WPACKET_get_curr(WPACKET *pkt)
486 {
487     unsigned char *buf = GETBUF(pkt);
488 
489     if (buf == NULL)
490         return NULL;
491 
492     if (pkt->endfirst)
493         return buf + pkt->maxsize - pkt->curr;
494 
495     return buf + pkt->curr;
496 }
497 
WPACKET_is_null_buf(WPACKET * pkt)498 int WPACKET_is_null_buf(WPACKET *pkt)
499 {
500     return pkt->buf == NULL && pkt->staticbuf == NULL;
501 }
502 
WPACKET_cleanup(WPACKET * pkt)503 void WPACKET_cleanup(WPACKET *pkt)
504 {
505     WPACKET_SUB *sub, *parent;
506 
507     for (sub = pkt->subs; sub != NULL; sub = parent) {
508         parent = sub->parent;
509         OPENSSL_free(sub);
510     }
511     pkt->subs = NULL;
512 }
513