crypto/asn1/x_int64.c

   1 /*
   2  * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <stdio.h>
  11 #include "internal/cryptlib.h"
  12 #include "internal/numbers.h"
  13 #include <openssl/asn1t.h>
  14 #include <openssl/bn.h>
  15 #include "asn1_locl.h"
  16
  17 /*
  18  * Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t.
  19  * This converts between an ASN1_INTEGER and those types directly.
  20  * This is preferred to using the LONG / ZLONG primitives.
  21  */
  22
  23 /*
  24  * We abuse the ASN1_ITEM fields |size| as a flags field
  25  */
  26 #define INTxx_FLAG_ZERO_DEFAULT (1<<0)
  27 #define INTxx_FLAG_SIGNED       (1<<1)
  28
  29 static int uint64_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
  30 {
  31     if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint64_t))) == NULL) {
  32         ASN1err(ASN1_F_UINT64_NEW, ERR_R_MALLOC_FAILURE);
  33         return 0;
  34     }
  35     return 1;
  36 }
  37
  38 static void uint64_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
  39 {
  40     OPENSSL_free(*pval);
  41     *pval = NULL;
  42 }
  43
  44 static void uint64_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
  45 {
  46     **(uint64_t **)pval = 0;
  47 }
  48
  49 static int uint64_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
  50                       const ASN1_ITEM *it)
  51 {
  52     uint64_t utmp;
  53     int neg = 0;
  54     /* this exists to bypass broken gcc optimization */
  55     char *cp = (char *)*pval;
  56
  57     /* use memcpy, because we may not be uint64_t aligned */
  58     memcpy(&utmp, cp, sizeof(utmp));
  59
  60     if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT
  61         && utmp == 0)
  62         return -1;
  63     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
  64         && (int64_t)utmp < 0) {
  65         /* i2c_uint64_int() assumes positive values */
  66         utmp = 0 - utmp;
  67         neg = 1;
  68     }
  69
  70     return i2c_uint64_int(cont, utmp, neg);
  71 }
  72
  73 static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
  74                       int utype, char *free_cont, const ASN1_ITEM *it)
  75 {
  76     uint64_t utmp = 0;
  77     char *cp;
  78     int neg = 0;
  79
  80     if (*pval == NULL && !uint64_new(pval, it))
  81         return 0;
  82
  83     cp = (char *)*pval;
  84
  85     /*
  86      * Strictly speaking, zero length is malformed.  However, long_c2i
  87      * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
  88      * so for the sake of backward compatibility, we still decode zero
  89      * length INTEGERs as the number zero.
  90      */
  91     if (len == 0)
  92         goto long_compat;
  93
  94     if (!c2i_uint64_int(&utmp, &neg, &cont, len))
  95         return 0;
  96     if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
  97         ASN1err(ASN1_F_UINT64_C2I, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
  98         return 0;
  99     }
 100     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
 101             && !neg && utmp > INT64_MAX) {
 102         ASN1err(ASN1_F_UINT64_C2I, ASN1_R_TOO_LARGE);
 103         return 0;
 104     }
 105     if (neg)
 106         /* c2i_uint64_int() returns positive values */
 107         utmp = 0 - utmp;
 108
 109  long_compat:
 110     memcpy(cp, &utmp, sizeof(utmp));
 111     return 1;
 112 }
 113
 114 static int uint64_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
 115                         int indent, const ASN1_PCTX *pctx)
 116 {
 117     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
 118         return BIO_printf(out, "%jd\n", **(int64_t **)pval);
 119     return BIO_printf(out, "%ju\n", **(uint64_t **)pval);
 120 }
 121
 122 /* 32-bit variants */
 123
 124 static int uint32_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
 125 {
 126     if ((*pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint32_t))) == NULL) {
 127         ASN1err(ASN1_F_UINT32_NEW, ERR_R_MALLOC_FAILURE);
 128         return 0;
 129     }
 130     return 1;
 131 }
 132
 133 static void uint32_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
 134 {
 135     OPENSSL_free(*pval);
 136     *pval = NULL;
 137 }
 138
 139 static void uint32_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
 140 {
 141     **(uint32_t **)pval = 0;
 142 }
 143
 144 static int uint32_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype,
 145                       const ASN1_ITEM *it)
 146 {
 147     uint32_t utmp;
 148     int neg = 0;
 149     /* this exists to bypass broken gcc optimization */
 150     char *cp = (char *)*pval;
 151
 152     /* use memcpy, because we may not be uint32_t aligned */
 153     memcpy(&utmp, cp, sizeof(utmp));
 154
 155     if ((it->size & INTxx_FLAG_ZERO_DEFAULT) == INTxx_FLAG_ZERO_DEFAULT
 156         && utmp == 0)
 157         return -1;
 158     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
 159         && (int32_t)utmp < 0) {
 160         /* i2c_uint64_int() assumes positive values */
 161         utmp = 0 - utmp;
 162         neg = 1;
 163     }
 164
 165     return i2c_uint64_int(cont, (uint64_t)utmp, neg);
 166 }
 167
 168 /*
 169  * Absolute value of INT32_MIN: we can't just use -INT32_MIN as it produces
 170  * overflow warnings.
 171  */
 172
 173 #define ABS_INT32_MIN ((uint32_t)INT32_MAX + 1)
 174
 175 static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 176                       int utype, char *free_cont, const ASN1_ITEM *it)
 177 {
 178     uint64_t utmp = 0;
 179     uint32_t utmp2 = 0;
 180     char *cp;
 181     int neg = 0;
 182
 183     if (*pval == NULL && !uint64_new(pval, it))
 184         return 0;
 185
 186     cp = (char *)*pval;
 187
 188     /*
 189      * Strictly speaking, zero length is malformed.  However, long_c2i
 190      * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
 191      * so for the sake of backward compatibility, we still decode zero
 192      * length INTEGERs as the number zero.
 193      */
 194     if (len == 0)
 195         goto long_compat;
 196
 197     if (!c2i_uint64_int(&utmp, &neg, &cont, len))
 198         return 0;
 199     if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
 200         ASN1err(ASN1_F_UINT32_C2I, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
 201         return 0;
 202     }
 203     if (neg) {
 204         if (utmp > ABS_INT32_MIN) {
 205             ASN1err(ASN1_F_UINT32_C2I, ASN1_R_TOO_SMALL);
 206             return 0;
 207         }
 208         utmp = 0 - utmp;
 209     } else {
 210         if (((it->size & INTxx_FLAG_SIGNED) != 0 && utmp > INT32_MAX)
 211             || ((it->size & INTxx_FLAG_SIGNED) == 0 && utmp > UINT32_MAX)) {
 212             ASN1err(ASN1_F_UINT32_C2I, ASN1_R_TOO_LARGE);
 213             return 0;
 214         }
 215     }
 216
 217  long_compat:
 218     utmp2 = (uint32_t)utmp;
 219     memcpy(cp, &utmp2, sizeof(utmp2));
 220     return 1;
 221 }
 222
 223 static int uint32_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it,
 224                         int indent, const ASN1_PCTX *pctx)
 225 {
 226     if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
 227         return BIO_printf(out, "%d\n", **(int32_t **)pval);
 228     return BIO_printf(out, "%u\n", **(uint32_t **)pval);
 229 }
 230
 231
 232 /* Define the primitives themselves */
 233
 234 static ASN1_PRIMITIVE_FUNCS uint32_pf = {
 235     NULL, 0,
 236     uint32_new,
 237     uint32_free,
 238     uint32_clear,
 239     uint32_c2i,
 240     uint32_i2c,
 241     uint32_print
 242 };
 243
 244 static ASN1_PRIMITIVE_FUNCS uint64_pf = {
 245     NULL, 0,
 246     uint64_new,
 247     uint64_free,
 248     uint64_clear,
 249     uint64_c2i,
 250     uint64_i2c,
 251     uint64_print
 252 };
 253
 254 ASN1_ITEM_start(INT32)
 255     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
 256     INTxx_FLAG_SIGNED, "INT32"
 257 ASN1_ITEM_end(INT32)
 258
 259 ASN1_ITEM_start(UINT32)
 260     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf, 0, "UINT32"
 261 ASN1_ITEM_end(UINT32)
 262
 263 ASN1_ITEM_start(INT64)
 264     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
 265     INTxx_FLAG_SIGNED, "INT64"
 266 ASN1_ITEM_end(INT64)
 267
 268 ASN1_ITEM_start(UINT64)
 269     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf, 0, "UINT64"
 270 ASN1_ITEM_end(UINT64)
 271
 272 ASN1_ITEM_start(ZINT32)
 273     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
 274     INTxx_FLAG_ZERO_DEFAULT|INTxx_FLAG_SIGNED, "ZINT32"
 275 ASN1_ITEM_end(ZINT32)
 276
 277 ASN1_ITEM_start(ZUINT32)
 278     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint32_pf,
 279     INTxx_FLAG_ZERO_DEFAULT, "ZUINT32"
 280 ASN1_ITEM_end(ZUINT32)
 281
 282 ASN1_ITEM_start(ZINT64)
 283     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
 284     INTxx_FLAG_ZERO_DEFAULT|INTxx_FLAG_SIGNED, "ZINT64"
 285 ASN1_ITEM_end(ZINT64)
 286
 287 ASN1_ITEM_start(ZUINT64)
 288     ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &uint64_pf,
 289     INTxx_FLAG_ZERO_DEFAULT, "ZUINT64"
 290 ASN1_ITEM_end(ZUINT64)
 291