2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
12 #include <openssl/ebcdic.h>
13 #include <openssl/err.h>
14 #include <openssl/params.h>
17 * When processing text to params, we're trying to be smart with numbers.
18 * Instead of handling each specific separate integer type, we use a bignum
19 * and ensure that it isn't larger than the expected size, and we then make
20 * sure it is the expected size... if there is one given.
21 * (if the size can be arbitrary, then we give whatever we have)
24 static int prepare_from_text(const OSSL_PARAM
*paramdefs
, const char *key
,
25 const char *value
, size_t value_n
,
26 /* Output parameters */
27 const OSSL_PARAM
**paramdef
, int *ishex
,
28 size_t *buf_n
, BIGNUM
**tmpbn
, int *found
)
35 * ishex is used to translate legacy style string controls in hex format
36 * to octet string parameters.
38 *ishex
= strncmp(key
, "hex", 3) == 0;
43 p
= *paramdef
= OSSL_PARAM_locate_const(paramdefs
, key
);
49 switch (p
->data_type
) {
50 case OSSL_PARAM_INTEGER
:
51 case OSSL_PARAM_UNSIGNED_INTEGER
:
53 r
= BN_hex2bn(tmpbn
, value
);
55 r
= BN_asc2bn(tmpbn
, value
);
57 if (r
== 0 || *tmpbn
== NULL
)
61 * 2s complement negate, part 1
63 * BN_bn2nativepad puts the absolute value of the number in the
64 * buffer, i.e. if it's negative, we need to deal with it. We do
65 * it by subtracting 1 here and inverting the bytes in
66 * construct_from_text() below.
67 * To subtract 1 from an absolute value of a negative number we
68 * actually have to add 1: -3 - 1 = -4, |-3| = 3 + 1 = 4.
70 if (p
->data_type
== OSSL_PARAM_INTEGER
&& BN_is_negative(*tmpbn
)
71 && !BN_add_word(*tmpbn
, 1)) {
75 buf_bits
= (size_t)BN_num_bits(*tmpbn
);
76 *buf_n
= (buf_bits
+ 7) / 8;
79 * A zero data size means "arbitrary size", so only do the
80 * range checking if a size is specified.
82 if (p
->data_size
> 0) {
83 if (buf_bits
> p
->data_size
* 8
84 || (p
->data_type
== OSSL_PARAM_INTEGER
85 && buf_bits
== p
->data_size
* 8)) {
86 ERR_raise(ERR_LIB_CRYPTO
, CRYPTO_R_TOO_SMALL_BUFFER
);
87 /* Since this is a different error, we don't break */
90 /* Change actual size to become the desired size. */
91 *buf_n
= p
->data_size
;
94 case OSSL_PARAM_UTF8_STRING
:
96 ERR_raise(ERR_LIB_CRYPTO
, ERR_R_PASSED_INVALID_ARGUMENT
);
99 *buf_n
= strlen(value
) + 1;
101 case OSSL_PARAM_OCTET_STRING
:
103 *buf_n
= strlen(value
) >> 1;
113 static int construct_from_text(OSSL_PARAM
*to
, const OSSL_PARAM
*paramdef
,
114 const char *value
, size_t value_n
, int ishex
,
115 void *buf
, size_t buf_n
, BIGNUM
*tmpbn
)
121 switch (paramdef
->data_type
) {
122 case OSSL_PARAM_INTEGER
:
123 case OSSL_PARAM_UNSIGNED_INTEGER
:
126 if ((new_value = OPENSSL_malloc(new_value_n)) == NULL) {
132 BN_bn2nativepad(tmpbn
, buf
, buf_n
);
135 * 2s complement negate, part two.
137 * Because we did the first part on the BIGNUM itself, we can just
138 * invert all the bytes here and be done with it.
140 if (paramdef
->data_type
== OSSL_PARAM_INTEGER
141 && BN_is_negative(tmpbn
)) {
145 for (cp
= buf
; i
-- > 0; cp
++)
149 case OSSL_PARAM_UTF8_STRING
:
150 #ifdef CHARSET_EBCDIC
151 ebcdic2ascii(buf
, value
, buf_n
);
153 strncpy(buf
, value
, buf_n
);
155 /* Don't count the terminating NUL byte as data */
158 case OSSL_PARAM_OCTET_STRING
:
162 if (!OPENSSL_hexstr2buf_ex(buf
, buf_n
, &l
, value
, ':'))
165 memcpy(buf
, value
, buf_n
);
173 to
->data_size
= buf_n
;
174 to
->return_size
= OSSL_PARAM_UNMODIFIED
;
179 int OSSL_PARAM_allocate_from_text(OSSL_PARAM
*to
,
180 const OSSL_PARAM
*paramdefs
,
181 const char *key
, const char *value
,
182 size_t value_n
, int *found
)
184 const OSSL_PARAM
*paramdef
= NULL
;
188 BIGNUM
*tmpbn
= NULL
;
191 if (to
== NULL
|| paramdefs
== NULL
)
194 if (!prepare_from_text(paramdefs
, key
, value
, value_n
,
195 ¶mdef
, &ishex
, &buf_n
, &tmpbn
, found
))
198 if ((buf
= OPENSSL_zalloc(buf_n
> 0 ? buf_n
: 1)) == NULL
) {
199 ERR_raise(ERR_LIB_CRYPTO
, ERR_R_MALLOC_FAILURE
);
203 ok
= construct_from_text(to
, paramdef
, value
, value_n
, ishex
,