1 /*
2 * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/asn1t.h>
13
14 #define COPY_SIZE(a, b) (sizeof(a) < sizeof(b) ? sizeof(a) : sizeof(b))
15
16 /*
17 * Custom primitive type for long handling. This converts between an
18 * ASN1_INTEGER and a long directly.
19 */
20
21 static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
22 static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
23
24 static int long_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
25 const ASN1_ITEM *it);
26 static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
27 int utype, char *free_cont, const ASN1_ITEM *it);
28 static int long_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
29 int indent, const ASN1_PCTX *pctx);
30
31 static ASN1_PRIMITIVE_FUNCS long_pf = {
32 NULL, 0,
33 long_new,
34 long_free,
35 long_free, /* Clear should set to initial value */
36 long_c2i,
37 long_i2c,
38 long_print
39 };
40
ASN1_ITEM_start(LONG)41 ASN1_ITEM_start(LONG)
42 ASN1_ITYPE_PRIMITIVE,
43 V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG" ASN1_ITEM_end(LONG)
44
45 ASN1_ITEM_start(ZLONG) ASN1_ITYPE_PRIMITIVE,
46 V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG" ASN1_ITEM_end(ZLONG)
47
48 static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
49 {
50 memcpy(pval, &it->size, COPY_SIZE(*pval, it->size));
51 return 1;
52 }
53
long_free(ASN1_VALUE ** pval,const ASN1_ITEM * it)54 static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
55 {
56 memcpy(pval, &it->size, COPY_SIZE(*pval, it->size));
57 }
58
59 /*
60 * Originally BN_num_bits_word was called to perform this operation, but
61 * trouble is that there is no guarantee that sizeof(long) equals to
62 * sizeof(BN_ULONG). BN_ULONG is a configurable type that can be as wide
63 * as long, but also double or half...
64 */
num_bits_ulong(unsigned long value)65 static int num_bits_ulong(unsigned long value)
66 {
67 size_t i;
68 unsigned long ret = 0;
69
70 /*
71 * It is argued that *on average* constant counter loop performs
72 * not worse [if not better] than one with conditional break or
73 * mask-n-table-lookup-style, because of branch misprediction
74 * penalties.
75 */
76 for (i = 0; i < sizeof(value) * 8; i++) {
77 ret += (value != 0);
78 value >>= 1;
79 }
80
81 return (int)ret;
82 }
83
long_i2c(const ASN1_VALUE ** pval,unsigned char * cont,int * putype,const ASN1_ITEM * it)84 static int long_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
85 const ASN1_ITEM *it)
86 {
87 long ltmp;
88 unsigned long utmp, sign;
89 int clen, pad, i;
90
91 memcpy(<mp, pval, COPY_SIZE(*pval, ltmp));
92 if (ltmp == it->size)
93 return -1;
94 /*
95 * Convert the long to positive: we subtract one if negative so we can
96 * cleanly handle the padding if only the MSB of the leading octet is
97 * set.
98 */
99 if (ltmp < 0) {
100 sign = 0xff;
101 utmp = 0 - (unsigned long)ltmp - 1;
102 } else {
103 sign = 0;
104 utmp = ltmp;
105 }
106 clen = num_bits_ulong(utmp);
107 /* If MSB of leading octet set we need to pad */
108 if (!(clen & 0x7))
109 pad = 1;
110 else
111 pad = 0;
112
113 /* Convert number of bits to number of octets */
114 clen = (clen + 7) >> 3;
115
116 if (cont != NULL) {
117 if (pad)
118 *cont++ = (unsigned char)sign;
119 for (i = clen - 1; i >= 0; i--) {
120 cont[i] = (unsigned char)(utmp ^ sign);
121 utmp >>= 8;
122 }
123 }
124 return clen + pad;
125 }
126
long_c2i(ASN1_VALUE ** pval,const unsigned char * cont,int len,int utype,char * free_cont,const ASN1_ITEM * it)127 static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
128 int utype, char *free_cont, const ASN1_ITEM *it)
129 {
130 int i;
131 long ltmp;
132 unsigned long utmp = 0, sign = 0x100;
133
134 if (len > 1) {
135 /*
136 * Check possible pad byte. Worst case, we're skipping past actual
137 * content, but since that's only with 0x00 and 0xff and we set neg
138 * accordingly, the result will be correct in the end anyway.
139 */
140 switch (cont[0]) {
141 case 0xff:
142 cont++;
143 len--;
144 sign = 0xff;
145 break;
146 case 0:
147 cont++;
148 len--;
149 sign = 0;
150 break;
151 }
152 }
153 if (len > (int)sizeof(long)) {
154 ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
155 return 0;
156 }
157
158 if (sign == 0x100) {
159 /* Is it negative? */
160 if (len && (cont[0] & 0x80))
161 sign = 0xff;
162 else
163 sign = 0;
164 } else if (((sign ^ cont[0]) & 0x80) == 0) { /* same sign bit? */
165 ERR_raise(ERR_LIB_ASN1, ASN1_R_ILLEGAL_PADDING);
166 return 0;
167 }
168 utmp = 0;
169 for (i = 0; i < len; i++) {
170 utmp <<= 8;
171 utmp |= cont[i] ^ sign;
172 }
173 ltmp = (long)utmp;
174 if (ltmp < 0) {
175 ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
176 return 0;
177 }
178 if (sign)
179 ltmp = -ltmp - 1;
180 if (ltmp == it->size) {
181 ERR_raise(ERR_LIB_ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
182 return 0;
183 }
184 memcpy(pval, <mp, COPY_SIZE(*pval, ltmp));
185 return 1;
186 }
187
long_print(BIO * out,const ASN1_VALUE ** pval,const ASN1_ITEM * it,int indent,const ASN1_PCTX * pctx)188 static int long_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
189 int indent, const ASN1_PCTX *pctx)
190 {
191 long l;
192
193 memcpy(&l, pval, COPY_SIZE(*pval, l));
194 return BIO_printf(out, "%ld\n", l);
195 }
196