crypto/params_from_text.c

   1 /*
   2  * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
   3  * Copyright (c) 2019, Oracle and/or its affiliates.  All rights reserved.
   4  *
   5  * Licensed under the Apache License 2.0 (the "License").  You may not use
   6  * this file except in compliance with the License.  You can obtain a copy
   7  * in the file LICENSE in the source distribution or at
   8  * https://www.openssl.org/source/license.html
   9  */
  10
  11 #include <string.h>
  12 #include <openssl/ebcdic.h>
  13 #include <openssl/err.h>
  14 #include <openssl/params.h>
  15
  16 /*
  17  * When processing text to params, we're trying to be smart with numbers.
  18  * Instead of handling each specific separate integer type, we use a bignum
  19  * and ensure that it isn't larger than the expected size, and we then make
  20  * sure it is the expected size...  if there is one given.
  21  * (if the size can be arbitrary, then we give whatever we have)
  22  */
  23
  24 static int prepare_from_text(const OSSL_PARAM *paramdefs, const char *key,
  25                              const char *value, size_t value_n,
  26                              /* Output parameters */
  27                              const OSSL_PARAM **paramdef, int *ishex,
  28                              size_t *buf_n, BIGNUM **tmpbn, int *found)
  29 {
  30     const OSSL_PARAM *p;
  31     size_t buf_bits;
  32     int r;
  33
  34     /*
  35      * ishex is used to translate legacy style string controls in hex format
  36      * to octet string parameters.
  37      */
  38     *ishex = strncmp(key, "hex", 3) == 0;
  39
  40     if (*ishex)
  41         key += 3;
  42
  43     p = *paramdef = OSSL_PARAM_locate_const(paramdefs, key);
  44     if (found != NULL)
  45         *found = p != NULL;
  46     if (p == NULL)
  47         return 0;
  48
  49     switch (p->data_type) {
  50     case OSSL_PARAM_INTEGER:
  51     case OSSL_PARAM_UNSIGNED_INTEGER:
  52         if (*ishex)
  53             r = BN_hex2bn(tmpbn, value);
  54         else
  55             r = BN_asc2bn(tmpbn, value);
  56
  57         if (r == 0 || *tmpbn == NULL)
  58             return 0;
  59
  60         /*
  61          * 2s complement negate, part 1
  62          *
  63          * BN_bn2nativepad puts the absolute value of the number in the
  64          * buffer, i.e. if it's negative, we need to deal with it.  We do
  65          * it by subtracting 1 here and inverting the bytes in
  66          * construct_from_text() below.
  67          * To subtract 1 from an absolute value of a negative number we
  68          * actually have to add 1: -3 - 1 = -4, |-3| = 3 + 1 = 4.
  69          */
  70         if (p->data_type == OSSL_PARAM_INTEGER && BN_is_negative(*tmpbn)
  71             && !BN_add_word(*tmpbn, 1)) {
  72             return 0;
  73         }
  74
  75         buf_bits = (size_t)BN_num_bits(*tmpbn);
  76         *buf_n = (buf_bits + 7) / 8;
  77
  78         /*
  79          * A zero data size means "arbitrary size", so only do the
  80          * range checking if a size is specified.
  81          */
  82         if (p->data_size > 0) {
  83             if (buf_bits > p->data_size * 8
  84                 || (p->data_type == OSSL_PARAM_INTEGER
  85                     && buf_bits == p->data_size * 8)) {
  86                 ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_SMALL_BUFFER);
  87                 /* Since this is a different error, we don't break */
  88                 return 0;
  89             }
  90             /* Change actual size to become the desired size. */
  91             *buf_n = p->data_size;
  92         }
  93         break;
  94     case OSSL_PARAM_UTF8_STRING:
  95         if (*ishex) {
  96             ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_INVALID_ARGUMENT);
  97             return 0;
  98         }
  99         *buf_n = strlen(value) + 1;
 100         break;
 101     case OSSL_PARAM_OCTET_STRING:
 102         if (*ishex) {
 103             *buf_n = strlen(value) >> 1;
 104         } else {
 105             *buf_n = value_n;
 106         }
 107         break;
 108     }
 109
 110     return 1;
 111 }
 112
 113 static int construct_from_text(OSSL_PARAM *to, const OSSL_PARAM *paramdef,
 114                                const char *value, size_t value_n, int ishex,
 115                                void *buf, size_t buf_n, BIGNUM *tmpbn)
 116 {
 117     if (buf == NULL)
 118         return 0;
 119
 120     if (buf_n > 0) {
 121         switch (paramdef->data_type) {
 122         case OSSL_PARAM_INTEGER:
 123         case OSSL_PARAM_UNSIGNED_INTEGER:
 124             /*
 125             {
 126                 if ((new_value = OPENSSL_malloc(new_value_n)) == NULL) {
 127                     BN_free(a);
 128                     break;
 129                 }
 130             */
 131
 132             BN_bn2nativepad(tmpbn, buf, buf_n);
 133
 134             /*
 135              * 2s complement negate, part two.
 136              *
 137              * Because we did the first part on the BIGNUM itself, we can just
 138              * invert all the bytes here and be done with it.
 139              */
 140             if (paramdef->data_type == OSSL_PARAM_INTEGER
 141                 && BN_is_negative(tmpbn)) {
 142                 unsigned char *cp;
 143                 size_t i = buf_n;
 144
 145                 for (cp = buf; i-- > 0; cp++)
 146                     *cp ^= 0xFF;
 147             }
 148             break;
 149         case OSSL_PARAM_UTF8_STRING:
 150 #ifdef CHARSET_EBCDIC
 151             ebcdic2ascii(buf, value, buf_n);
 152 #else
 153             strncpy(buf, value, buf_n);
 154 #endif
 155             /* Don't count the terminating NUL byte as data */
 156             buf_n--;
 157             break;
 158         case OSSL_PARAM_OCTET_STRING:
 159             if (ishex) {
 160                 size_t l = 0;
 161
 162                 if (!OPENSSL_hexstr2buf_ex(buf, buf_n, &l, value, ':'))
 163                     return 0;
 164             } else {
 165                 memcpy(buf, value, buf_n);
 166             }
 167             break;
 168         }
 169     }
 170
 171     *to = *paramdef;
 172     to->data = buf;
 173     to->data_size = buf_n;
 174     to->return_size = OSSL_PARAM_UNMODIFIED;
 175
 176     return 1;
 177 }
 178
 179 int OSSL_PARAM_allocate_from_text(OSSL_PARAM *to,
 180                                   const OSSL_PARAM *paramdefs,
 181                                   const char *key, const char *value,
 182                                   size_t value_n, int *found)
 183 {
 184     const OSSL_PARAM *paramdef = NULL;
 185     int ishex = 0;
 186     void *buf = NULL;
 187     size_t buf_n = 0;
 188     BIGNUM *tmpbn = NULL;
 189     int ok = 0;
 190
 191     if (to == NULL || paramdefs == NULL)
 192         return 0;
 193
 194     if (!prepare_from_text(paramdefs, key, value, value_n,
 195                            &paramdef, &ishex, &buf_n, &tmpbn, found))
 196         goto err;
 197
 198     if ((buf = OPENSSL_zalloc(buf_n > 0 ? buf_n : 1)) == NULL) {
 199         ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
 200         goto err;
 201     }
 202
 203     ok = construct_from_text(to, paramdef, value, value_n, ishex,
 204                              buf, buf_n, tmpbn);
 205     BN_free(tmpbn);
 206     if (!ok)
 207         OPENSSL_free(buf);
 208     return ok;
 209  err:
 210     BN_free(tmpbn);
 211     return 0;
 212 }